One-Time Password (OTP)

A password that can only be used once is called a one-time password.

Feb 9, 20242 min read

The term one-time password (OTP) also called one-time codes describes a password that contains a randomly generated series of characters and can only be used for a specific period of time and only for a single login/transaction.

A one-time password is very often used in conjunction with a standard password as an additional security measure in multi-factor authentication (MFA), also known as two-factor authentication (2FA). In this process, the user first logs in with their user name or e-mail address and the password they have set. In the next step, the one-time password is entered and serves as an additional security level.

The important factor is that the one-time password is only known to the user and the system for which the code relates. Below are the two methods for generating an OTP.

We at Engity have the opinion that a one-time password should always be used if important and sensitive data is involved, such as online banking.