Suppose a user employs one-time passwords as above (or, for that matter, reusable passwords), but that the password is transmitted "sufficiently slowly."
(a) Show that an eavesdropper can gain access to the remote server with a relatively modest number of guesses. Hint: The eavesdropper starts guessing after the original user has typed all but one character of the password.
(b) To what other attacks might a user of one-time passwords be subject?