1 total messages Started by wack@ariel.ncsl. Thu, 28 Jan 1993 14:33
authentication tokens
#3824
Author: wack@ariel.ncsl.
Date: Thu, 28 Jan 1993 14:33
33 lines
1762 bytes
I've got a question for the net.wisdom out there.  We're currently using
some challenge-response authentication tokens on our Interneted host.
I've decided to stick with the same vendor and order their newer tokens,
which display only one-time passwords - no challenge from the host, you
just type in the password generated by the token.  To keep the host
system's software and the token in sync, some sort of event-synchronous
method is used.  This, of course, has some disadvantages if the token
gets out of sync, because the host has to either look ahead or look
back to resynchronize.  Disadvantages, however, only if this is awkward
for the user or presents big vulnerabilities.

Another vendor offers a similar one-time password card that is
synchronized with the host based on time.  This also has problems if
clocks drift, and has some problems associated with it as well if this
happens.

I've already decided to use the first vendor, since their system permits
other brands of tokens as well as their own, which is important to us.
But I'm wondering whether there are significant advantages/disadvantages
to either method of keeping the tokens and host in sync - i.e., is one
method inherently more secure than the other?  I've spoken to some of
the folks in our cryptography group about this, and they seem to say
that both methods have their drawbacks, but if they both are implemented
well, one is no better than the other.  I guess "implemented well" means
the token requiring a PIN and a narrow look-ahead/behind window when out
of sync, among other factors.

Would anyone knowledgeable about this care to comment on the above?  I'd
be more than interested if there are real differences in security
between the two methods.

Regards,
John Wack
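
The two synchronisation methods asked about above, as an added host-side sketch that is not part of the original post and not either vendor's algorithm. It assumes the later-standardised HOTP construction (RFC 4226) as a stand-in for the token's code generator; the class names, window sizes and 30-second step are hypothetical.

```python
import hashlib
import hmac
import struct

SECRET = b"12345678901234567890"  # RFC 4226 test key (constructed input, not a real secret)

def otp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP truncation (RFC 4226) of HMAC-SHA1 over an 8-byte moving factor."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class EventSyncHost:
    """Event-synchronous host: stored counter plus a narrow look-ahead window."""
    def __init__(self, secret: bytes, look_ahead: int = 3):
        self.secret, self.counter, self.look_ahead = secret, 0, look_ahead

    def verify(self, candidate: str) -> bool:
        # Search forward only: looking behind the counter would accept replays.
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(otp(self.secret, c), candidate):
                self.counter = c + 1  # resynchronise; skipped codes are burned
                return True
        return False

class TimeSyncHost:
    """Time-synchronous host: clock-derived step plus a drift window."""
    def __init__(self, secret: bytes, step: int = 30, drift_steps: int = 1):
        self.secret, self.step, self.drift = secret, step, drift_steps
        self.last_used = -1  # highest time step already accepted

    def verify(self, candidate: str, now: int) -> bool:
        t = now // self.step
        for c in range(max(0, t - self.drift), t + self.drift + 1):
            if c > self.last_used and hmac.compare_digest(otp(self.secret, c), candidate):
                self.last_used = c  # a code cannot be reused within the window
                return True
        return False
```

In both classes the window width sets how many codes are valid at once, so a wider window tolerates more desynchronisation at the cost of a proportionally better guessing chance per attempt.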