One-Time Password

A one-time password, or OTP, is a series of characters generated by a device, application, or online portal for an individual to use only once. One-time passwords are typically a second form of authentication for accessing an account. A website will often generate a one-time password for a user who wants to change their password or forgot it. That password change then has to be verified through email, text message, or another method. One-time passwords as an added method of two factor or multifactor authentication are being used more frequently. These codes help businesses verify users when they’re accessing sensitive data: Entering a code that was texted to your phone to verify banking information on a third-party app, for example.

A one-time password prohibits attackers from using a stolen password. If an attacker learns a regular account password, they may be able to break into a user’s account. But a one-time password is only valid once; if an attacker tries to use it, the login attempt will be invalidated.

One-time passwords can also be generated using a token a piece of hardware or software that provides single-use passwords to users.

Some organizations are now recommending using an application for one-time password authentication, rather than receiving it through text or phone call. An application on your phone would reveal less information to any phone service providers or eavesdroppers who might be spying on your phone network. An application for one-time passwords will also have more features, such as the ability to scan a QR code.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...