I recently used a smart card system for secure remote access to a network. It looked like both the card and the remote system had clocks that were in synch and both ran the same PRNG to produce a new number every minute. Part of the login procedure was to enter the number currently being displayed on the card.
We use this for accessing our Ameritech database. What I recall overhearing when they were training the CENTREX people on the smart cards was that it looks at how far off the numbers are over a period of time and determines how much faster or slower your card is, then figures that into its calculations when you call. So after, say, twenty sessions over a two-week period, it knows not to accept the code from two minutes ago. Chael -- Chael Hall, nowhere@chaos.bsu.edu