A one-time password (OTP) is a randomly generated string of letters, numbers, and/or symbols that is delivered to a user to be used for just one login or transaction. An OTP is more secure than a static password, particularly one that was established by the user and may be insecure or used on several accounts.
What are the benefits of OTPs?
OTPs reduce the risk around passwords.
- Multi-factor authentication: OTPs can add an additional layer of authentication. Using security tokens, OTPs can be generated for users to provide as an additional form of authentication, which increases security and reduces the risk of a breach.
- Time-based OTP (TOTP): this type of OTP is time-based, in that it provides a window of time within which the OTP code will be valid. In general, timesteps are 30-60 seconds in length. If the user does not enter the OTP code within the specified timestep, they must request a new one.