A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.

One-time password tokens are often used as a part of two-factor and multifactor authentication. The use of one-time password tokens hardens a traditional ID and password system by adding another, dynamic credential.

Depending upon the vendor, an OTP token will generate a PIN synchronously or asynchronously. Synchronous tokens use a secret key and time to create a one-time password. Asynchronous tokens use a challenge-response authentication mechanism (CRAM).

In the past, OTP security tokens were usually pocket-size fobs with a small screen that displayed a number. The number changed every 30 or 60 seconds, depending on how the token is configured and the user entered his or her user name and password, plus the number displayed on the token.

Today, OTP tokens are often software-based, and the passcode generated by the token is displayed on the user’s smartphone screen. Software tokens make it easier for mobile users to enter authentication information and not have to keep track of a separate piece of hardware.

Leave a Reply

Your email address will not be published. Required fields are marked *