Understanding OTP
One Time Password OTP
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session. A one-time password (OTP), also known as one-time pin or dynamic password.
An OTP is more secure than a static password, especially a user-created password, which can be weak and/or reused across multiple accounts. OTPs may replace authentication login information or may be used in addition to it in order to add another layer of security.
How to get a one-time password?
When an unauthorized user tries to access a system, an authentication manager on a network server generates a number, using a one-time password algorithm. The same number and algorithm are used by security tokens on a smart card or device to match and validate a one-time password and user.
Benefits of a one-time password
The one-time password avoids common pitfalls that IT administrators and security managers face with password security. They do not have to worry about composition rules, known-bad and weak passwords, sharing of credentials or reuse of the same password on multiple accounts and systems.
Another advantage of one-time passwords is that they become invalid in minutes, which
prevents attackers from obtaining the secret codes and reusing them.
- Easy to generate
- Not sharable
- Different for every access
- Encrypted password