• Skip to main content
  • Skip to primary sidebar

Technipages

Tutorials and fixes for smartphone, gadget, and computer problems

  • Topics
    • Android
    • Browsers
    • Gaming
    • Hardware
    • Internet
    • iPhone
    • Linux
    • macOS
    • Office
    • Reviews
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About

One-Time Password

October 16, 2019 by Mel Hawthorne

A one-time password is a code that can be used only once to gain access to a service, a new one time password needs to be generated to be able to sign in again. The one-time password can be generated through a variety of means such as a mobile application, a physical security token, an SMS and more. These tokens are normally valid for a short time period before being refreshed and replaced with a new token.

Technipages Explains One-Time Password

By requiring a one time password as a second-factor, security is strengthened in two ways: Firstly, an attacker now has to know both the password and have access to the correct one time password. Secondly, if the attacker is able to perform a man in the middle attack and compromise the password and one-time password, the one-time password will not be valid for a second use in a replay attack.

One time password systems are relatively cheap and generally free for the end-user depending on the product, although businesses may pay for employee licences. Services that utilise a mobile application or SMS are normally free for users, services with a physical security token like the RSA token do have an associated cost.

The use of SMS as the second factor in the two-factor verification process providing the one-time passcode does carry a small risk as there are ways for messages to be intercepted and used by an attacker although these attacks are quite complex. The security community generally advises that SMS is better than not using a second factor one time passcode but that other platforms are generally more secure and should be preferred.

Common Uses of One-Time Password

  • Hardware security tokens generally implement a time synchronised one-time password
  • Some banks send a printed one time password to new users of their online banking systems.
  • More often than not, one time passwords are part of a two-factor authentication system.

Common Misuses of One-Time Password

  • One time passwords are only used for throwaway accounts.

You Might Also Like

  • whatsapp Can't Restore Chats From Google Drive Backup
    WhatsApp: How to Send a See Only One Time Picture
  • What is a Firefox Primary Password and How to Create One
    What is a Firefox Primary Password and How to Create One
  • How to Soft & Hard Reset Acer Iconia One 10
    How to Soft & Hard Reset Acer Iconia One 10
  • Switch vs Switch Lite - Which One Is Better?
    Switch vs Switch Lite - Which One Is Better?
  • Facebook Deactivate Vs. Delete Which One to Choose and When
    Facebook Deactivate Vs. Delete: Which One to Choose and…
  • Android Can't Send Text Message to One Person
    Android: Can't Send Text Message to One Person

Primary Sidebar

Recent Posts

  • How to Send HD Pictures and Videos on WhatsApp
  • How to Share Files Using Google Nearby Share
  • Android Battery Will Not Charge Fix
  • Turning on Triple Touch Zoom on Android
  • How to Connect Outlook 2023 to Gmail
  • Netflix: Change Password
  • Step-by-Step Guide: How to Use WhatsApp on Your Computer
  • Android: Enable or Disable Background Data

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

You May Also Like

  • One-Way Hash Function

© Copyright 2023 Guiding Tech Media · All Rights Reserved · Privacy