One Time Passwords
What are OTPs?
OTPs (alphanumeric strings) authenticate a user for a single transaction or session.
OTPs may replace authentication login information or may be used in addition to it, to add another layer of security.
The beauty of one time passwords is that they are one time. Even if a hacker were to intercept these, they would not work, since they have already been used (by the original requester).
If you are limited to using smaller encryption keys (40-bit keys), you may want to use OTPs as a stronger alternative.
An OTP generator can be a pocket-size token or a mobile app.
Alternative Client Authentication Schemes
Client Certificates (SSL)
Passwords – regular, multi-use passwords
Appendix – Types of One Time Passwords
The different types of OTP are: HMAC-based One-Time Password (HOTP) and Time-Based One-Time Password (TOTP).
HOTP is based on a simple counter that increments each time an OTP is generated, while with TOTP a new OTP is generated by the device every 30 seconds.
The TOTP password is short-lived, while the HOTP password may be valid for an unknown amount of time; TOTP is therefore generally considered the more secure One-Time Password solution.
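The following is an added example, not code from the original page, showing both schemes and a server-side check that rejects a code once it has been used or, for TOTP, once its 30-second step has passed. It assumes the RFC 4226 / RFC 6238 construction with HMAC-SHA1 and 6 digits; the secret is the RFC test value, and the HotpVerifier and TotpVerifier classes are hypothetical names used for illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"12345678901234567890"  # RFC 4226 test secret, never use in production

def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238: HOTP with the counter replaced by the 30-second time step."""
    return hotp(secret, unix_time // step, digits)

class HotpVerifier:
    """Hypothetical server side: each counter value is accepted once."""
    def __init__(self, secret, look_ahead=3):
        self.secret, self.counter, self.look_ahead = secret, 0, look_ahead

    def verify(self, candidate):
        # Look ahead a few counters in case the token was pressed without logging in.
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, c), candidate):
                self.counter = c + 1  # burn this code and all earlier ones
                return True
        return False

class TotpVerifier:
    """Hypothetical server side: one success per time step, no clock-drift window."""
    def __init__(self, secret, step=30):
        self.secret, self.step, self.last_step = secret, step, -1

    def verify(self, candidate, unix_time):
        now_step = unix_time // self.step
        if now_step <= self.last_step:
            return False  # a code was already accepted in this step: replay
        if hmac.compare_digest(totp(self.secret, unix_time, self.step), candidate):
            self.last_step = now_step
            return True
        return False

if __name__ == "__main__":
    h, t = HotpVerifier(SECRET), TotpVerifier(SECRET)
    print(h.verify(hotp(SECRET, 0)), h.verify(hotp(SECRET, 0)))  # accepted, then replay
    print(t.verify(totp(SECRET, 59), 59), t.verify(totp(SECRET, 59), 95))
```

An unused HOTP code stays acceptable until the server's counter moves past it, whereas the TOTP code generated at second 59 is already rejected at second 95.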