• Skip to main content
  • Skip to primary sidebar

Technipages

Tutorials and fixes for smartphone, gadget, and computer problems

  • Topics
    • Android
    • Browsers
    • Gaming
    • Hardware
    • Internet
    • iPhone
    • Linux
    • macOS
    • Office
    • Reviews
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About

One-Time Password

October 16, 2019 by Mel Hawthorne

A one-time password is a code that can be used only once to gain access to a service, a new one time password needs to be generated to be able to sign in again. The one-time password can be generated through a variety of means such as a mobile application, a physical security token, an SMS and more. These tokens are normally valid for a short time period before being refreshed and replaced with a new token.

Technipages Explains One-Time Password

By requiring a one time password as a second-factor, security is strengthened in two ways: Firstly, an attacker now has to know both the password and have access to the correct one time password. Secondly, if the attacker is able to perform a man in the middle attack and compromise the password and one-time password, the one-time password will not be valid for a second use in a replay attack.

One time password systems are relatively cheap and generally free for the end-user depending on the product, although businesses may pay for employee licences. Services that utilise a mobile application or SMS are normally free for users, services with a physical security token like the RSA token do have an associated cost.

The use of SMS as the second factor in the two-factor verification process providing the one-time passcode does carry a small risk as there are ways for messages to be intercepted and used by an attacker although these attacks are quite complex. The security community generally advises that SMS is better than not using a second factor one time passcode but that other platforms are generally more secure and should be preferred.

Common Uses of One-Time Password

  • Hardware security tokens generally implement a time synchronised one-time password
  • Some banks send a printed one time password to new users of their online banking systems.
  • More often than not, one time passwords are part of a two-factor authentication system.

Common Misuses of One-Time Password

  • One time passwords are only used for throwaway accounts.

You Might Also Like

  • How to Fix Wrong Time On Android
    How to Fix Wrong Time On Android
  • iPhone: How to Change the Time
    iPhone: How to Change the Time
  • How to Track Usage Time on Facebook
    How to Track Usage Time on Facebook
  • How to Improve Windows 10 Startup Time
    How to Improve Windows 10 Startup Time
  • Windows 11 Time is Wrong - Causes/Fixes
    Windows 11 Time is Wrong - Causes/Fixes
  • How to Check Screen Time on Android
    How to Check Screen Time on Android

Primary Sidebar

Recent Posts

  • How to Change Microsoft 365 Two-Factor Authentication
  • How to Export Chrome Bookmarks
  • How to Make Your iPad’s Keyboard Bigger
  • How to Enable and Manage Do Not Disturb on iPad (iPadOS 16.5)
  • How to Put Apps to Sleep in Windows 11
  • Fix: Excel Opens in Tiny Window
  • What is SMPS?
  • How to Find Watched Videos on Facebook in 2023

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

© Copyright 2023 Guiding Tech Media · All Rights Reserved · Privacy