One-Time Password (OTP) is a unique password that is valid for only one login session or transaction, on a computer system or other digital device. It is used in a multifactor authentication (MFA/2FA) process to secure access to data. A one-time password is a password that has two fundamental properties : it expires quickly, and it can’t be reused. You will frequently hear the abbreviation OTP as well as the terms “OTP key” and “OTP code”. OTPs avoid a number of shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two factor authentication by ensuring that the one-time password requires access to something a person has (such as a small keyring fob device with the OTP calculator built into it, or a smartcard, USB token or specific cellphone) as well as something a person knows (such as a PIN).
The OTP generator
The OTP generator will provide the user with a unique password generated on:
- something that the user has (an authentication token or smart card)
- a Time-based One-time Password (TOTP) – which is an OTP where the moving factor is time-based
- a HMAC-based One-time Password algorithm (HOTP) – which is an event-based OTP where the moving factor is counter-based rather then time-based
Depending on the MFA solution that is at the origin of the OTP, the OTP generator can also include something that the user knows (e.g a PIN code). This is why it is important to carefully look if your MFA solution is based on multiple or only 1 factor.
Related Products
Related Articles
FEITIAN achieved the FIDO Biometric Component Certification
Beijing, China and Santa Clara, CA — April 29, 2021 — FEITIAN has been qualified to be the first security key and smart card vendor to achieve the FIDO Biometric Component Certification. This is mandatory to qualify for FIDO
EyeLock Releases EyeLock ID® – Simplified Logical Access for On-Premise and Remotely Connected Workers
NEW YORK, Sept. 22, 2020 -- EyeLock LLC, the leader of iris-based identity authentication solutions, announced today the release of its highly anticipated EyeLock ID® logical access system for connected workers. Recognizing that passwords and usernames are things of the
Silverfort Recognized in CNBC’s Upstart 100 for Its Agentless Secure Authentication and Zero Trust Platform
November 12, 2019 02:52 PM -- BOSTON & TEL AVIV, Israel -- Silverfort, the provider of Next-Generation Authentication solutions, today announced it has been named to CNBC’s Upstart 100, a list that showcases a diverse group of up-and-coming companies
HID DigitalPersona Software Named Market Champion in SoftwareReviews’ 2019 Identity and Access Management Rankings
November 06, 2019 02:23 PM -- AUSTIN, Texas--HID Global®, a worldwide leader in trusted identity solutions, today announced that the company and its HID DigitalPersona® multi-factor authentication software have been included in the “Champion” category of the 2019 Identity
BIO-key adds Technology Transfer Institute of Africa to its Channel Alliance Program; Bolstering Sales Reach in Large, High-Growth African Market
WALL, N.J. and OWERRI, Nigeria, Nov. 04, 2019 -- BIO-key International, Inc. (NASDAQ: BKYI), an innovative provider of biometric authentication and security solutions, today announced that the company has added Technology Transfer Institute of Africa (TTI) as a Channel Alliance Partner (CAP).
Ipsidy Expands Its Mobile Biometric Solutions Full Support for Both iOS13 With NFC and Android Platforms
LONG BEACH, New York, Oct. 28, 2019 /PRNewswire/ -- Ipsidy Inc., a provider of an Identity as a Service (IDaaS) platform and a suite of secure, mobile, biometric identity solutions, available to any vertical, today announced that it has expanded its offerings across