• Skip to main content
  • Skip to primary sidebar

Technipages

Tutorials and fixes for smartphone, gadget, and computer problems

  • Topics
    • Android
    • Gaming
    • Hardware
    • Internet
    • iOS
    • MacOS
    • Office
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About Technipages

One-Time Password

By Mel Hawthorne

A one-time password is a code that can be used only once to gain access to a service, a new one time password needs to be generated to be able to sign in again. The one-time password can be generated through a variety of means such as a mobile application, a physical security token, an SMS and more. These tokens are normally valid for a short time period before being refreshed and replaced with a new token.

Technipages Explains One-Time Password

By requiring a one time password as a second-factor, security is strengthened in two ways: Firstly, an attacker now has to know both the password and have access to the correct one time password. Secondly, if the attacker is able to perform a man in the middle attack and compromise the password and one-time password, the one-time password will not be valid for a second use in a replay attack.

One time password systems are relatively cheap and generally free for the end-user depending on the product, although businesses may pay for employee licences. Services that utilise a mobile application or SMS are normally free for users, services with a physical security token like the RSA token do have an associated cost.

The use of SMS as the second factor in the two-factor verification process providing the one-time passcode does carry a small risk as there are ways for messages to be intercepted and used by an attacker although these attacks are quite complex. The security community generally advises that SMS is better than not using a second factor one time passcode but that other platforms are generally more secure and should be preferred.

Common Uses of One-Time Password

  • Hardware security tokens generally implement a time synchronised one-time password
  • Some banks send a printed one time password to new users of their online banking systems.
  • More often than not, one time passwords are part of a two-factor authentication system.

Common Misuses of One-Time Password

  • One time passwords are only used for throwaway accounts.

You Might Also Like

  • How to Password Protect a PDF
    How to Password Protect a PDF
  • How to Password Protect PDF
    How to Password Protect PDF
  • How to Fix Wrong Time On Android
    How to Fix Wrong Time On Android
  • iPhone: How to Change the Time
    iPhone: How to Change the Time
  • How to Test Password Strength
    How to Test Password Strength
  • How to Change Facebook Password
    How to Change Facebook Password
  • Netflix: Change Password
    Netflix: Change Password
  • macOS: How to See Wi-Fi Network Password
    macOS: How to See Wi-Fi Network Password
  • How to Change Your Gmail Password
    How to Change Your Gmail Password

Primary Sidebar

Recent Posts

  • What Are The Different Types Of DDR?
  • What Is Non-Volatile Memory?
  • SATA: What It Is and What You Need to Know
  • SLC vs MLC vs TLC vs QLC vs PLC
  • What is SLC Caching?
  • What Is Host Memory Buffer (HMB) in SSD?
  • DRAM on an SSD: Is It Something You want?
  • 5 Free Android Apps to Remove Red Eye

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

© Copyright 2022 Technipages · All Rights Reserved · Privacy