A one-time password is a code that can be used only once to gain access to a service, a new one time password needs to be generated to be able to sign in again. The one-time password can be generated through a variety of means such as a mobile application, a physical security token, an SMS and more. These tokens are normally valid for a short time period before being refreshed and replaced with a new token.