How about an OTP (One Time Password) algorithm? It is described in RFC2289.
http://www.faqs.org/rfcs/rfc2289.html I have a working implementation in Messlib. You can download it an look at the "MessageSocket.SecureMessageSocket" class. That is a modified version where a good random generator is used instead of a finite sequence of passwords. But it is just example implementation - you can get the idea there and develop your own. In fact, my class also has support for encrypting the communication channel, but the OTP algorithm itself only requires a cryptographically secure hash algorithm and a good random number generator. These are all included in Python. ;-) I also tried to use SSL before, but I realized that for "secure password" type authentication, OTP is much easier to understand and use. Of course, SSL can be used for securing the communication line WITHOUT AUTHENTICATION, and it is harder to understand and use. Best, Les -- http://mail.python.org/mailman/listinfo/python-list