Understanding OTP

One Time Password OTP

A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session. A one-time password (OTP), also known as one-time pin or dynamic password. 

An OTP is more secure than a static password, especially a user-created password, which can be weak and/or reused across multiple accounts. OTPs may replace authentication login information or may be used in addition to it in order to add another layer of security.

How to get a one-time password?

When an unauthorized user tries to access a system, an authentication manager on a network server generates a number, using a one-time password algorithm. The same number and algorithm are used by security tokens on a smart card or device to match and validate a one-time password and user. 

Benefits of a one-time password

The one-time password avoids common pitfalls that IT administrators and security managers face with password security. They do not have to worry about composition rules, known-bad and weak passwords, sharing of credentials or reuse of the same password on multiple accounts and systems. 

Another advantage of one-time passwords is that they become invalid in minutes, which prevents attackers from obtaining the secret codes and reusing them.