Overview#

One-Time password or OTP is a password that is bounded by a single authentication session.

Often One-Time password is used with Multi-Factor Authentication as either Something You Know or in the case where a device or Authenticator App is used to provide the One-Time password as Something You Have.

One-Time password #

Some OTP standards include the

• One-Time Password System (RFC 2289)
• S-KEY One-Time Password System (RFC 1760),
• HMAC-based One-Time Password Algorithm (HOTP RFC 4226)
• Time-based One-time Password Algorithm (TOTP RFC 6238)

More Information#

There might be more information for this subject on one of the following:

• Authentication Method Reference Values
• Authentication intent
• Best Practices Password
• Cardholder Verification Method
• HMAC-based One-Time Password Algorithm
• LOA 3
• M-04-04 Level of Assurance (LOA)
• NMAS
• OTP
• One-Time Password System
• One-time password device tokens
• Phishing
• S-KEY One-Time Password System
• Short Message Service
• Time-based One-time Password Algorithm
• Transaction Authentication Number
• What To Do About Passwords
• Yubico
• Yubikey NEO

---

• [#1] - One-time password - based on information obtained 2013-04-10