• Skip to main content
  • Skip to primary sidebar

Technipages

Smart phone, gadget and computer tutorials

  • Topics
    • Android
    • Gaming
    • Hardware
    • Internet
    • iOS
    • MacOS
    • Office
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About

One-Time Password

Posted on August 16, 2019 by Mel Hawthorne

A one-time password is a code that can be used only once to gain access to a service, a new one time password needs to be generated to be able to sign in again. The one-time password can be generated through a variety of means such as a mobile application, a physical security token, an SMS and more. These tokens are normally valid for a short time period before being refreshed and replaced with a new token.

Technipages Explains One-Time Password

By requiring a one time password as a second-factor, security is strengthened in two ways: Firstly, an attacker now has to know both the password and have access to the correct one time password. Secondly, if the attacker is able to perform a man in the middle attack and compromise the password and one-time password, the one-time password will not be valid for a second use in a replay attack.

One time password systems are relatively cheap and generally free for the end-user depending on the product, although businesses may pay for employee licences. Services that utilise a mobile application or SMS are normally free for users, services with a physical security token like the RSA token do have an associated cost.

The use of SMS as the second factor in the two-factor verification process providing the one-time passcode does carry a small risk as there are ways for messages to be intercepted and used by an attacker although these attacks are quite complex. The security community generally advises that SMS is better than not using a second factor one time passcode but that other platforms are generally more secure and should be preferred.

Common Uses of One-Time Password

  • Hardware security tokens generally implement a time synchronised one-time password
  • Some banks send a printed one time password to new users of their online banking systems.
  • More often than not, one time passwords are part of a two-factor authentication system.

Common Misuses of One-Time Password

  • One time passwords are only used for throwaway accounts.

You Might Also Like

  • How to Fix Wrong Time On Android
    How to Fix Wrong Time On Android
  • iPhone: How to Change the Time
    iPhone: How to Change the Time
  • How to Password Protect a PDF
    How to Password Protect a PDF
  • How to Password Protect PDF
    How to Password Protect PDF
  • How to Improve Windows 10 Startup Time
    How to Improve Windows 10 Startup Time
  • How to Add Different Time Zone Clocks in Windows 10
    How to Add Different Time Zone Clocks in Windows 10
  • How to Track Usage Time on Facebook
    How to Track Usage Time on Facebook
  • Windows Time is Incorrect - Causes/Fixes
    Windows Time is Incorrect - Causes/Fixes
  • How to Change Gmail Time Zone
    How to Change Gmail Time Zone

Primary Sidebar

Recent Posts

  • Bitwarden: How to Manually Autofill a Login Form
  • Bitwarden: How to Copy the Username and Password of an Entry
  • Bitwarden: How to Open the URL Associated with an Entry
  • How to Increase the Size of Text on Any Website on iPad
  • Chrome: How to Fix Can’t Scroll Using Scrollbars
  • Samsung Galaxy S 21 Plus: How to Check How Much Memory Is Left
  • Google Photos: How to Export Your Albums
  • Bitwarden: How to Deauthorize All Sessions

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

Follow me on Twitter, or visit my personal blog.

You May Also Like

© Copyright 2021 Technipages · All Rights Reserved · Privacy