Subscribe Now

Trending News

Blog Post

What is OTP(One-Time Password)? – Definition, Procedure, and More

What is OTP(One-Time Password)? – Definition, Procedure, and More

OTP(One-Time Password) Definition

An OTP automatically generate number or alphabetic character string with which a user authenticates himself for a single session.

The one-time password can be generated dynamically or taken from a previously created list of static one-time passwords.

It is especially true when the user is responsible for creating the password. These are usually weak.

One-Time passwords used as a replacement for authentication or as an add-on to add another security layer to the construct.

What is the Procedure for generating a One-Time Password?

To log in with an OTP, the user and the system must know the valid and used password.

  1. They are two methods to achieve this: creating password lists and dynamic password generation.
  2. The password lists contain several passwords on the user and system side. These can freely select or use in a specific order.
  3. If a password used, both sides delete it from their lists. If all passwords have already applied, Then have to create a new list.
  4. An example of this type of one-time password is the TAN list for online banking. If a password list is lost, an unauthorize person can have valid passwords.

What are the Different Generations in OTP?

Dynamic generation is possible in three ways:

Time-Controlled generation

  • With this generation, an OTP generator and the server generate time-synchronized passwords using the same algorithm.
  • The passwords are valid for a certain period and known for both sides.

Event-Driven generation

  • It generates the password, for example, by an action such as pressing a button on the OTP generator.
  • The new password arises from a calculation of the previously valid password, and therefore, it checks by the server.

Server generation

  • When the server generation provides the client with a value from which the one-time password can generate using a specific algorithm.
  • And also, The server knows the specified value and the algorithm and can check the generated password.

What is the OTP token?

  1. OTP tokens are small hardware devices for generating one-time passwords. The generators usually equip with a one-line display.
  2. And also, They are known password generators and can take the form of a bank card or a small box.
  3. Depending on the method of OTP generation, they generate a new password at specific intervals or after pressing a key and show it on display.

Related posts