As the name suggests, a one-time password (OTP) is a password that is applicable only for single use. This is generally seen whenever a powerful password verification is required. The most general uses for OTP are to authenticate VPN, and online internet banking systems. When employing one-time passwords, if somebody gets access to your password, they would not be able to use it, because it easily and timely gets expired.
The tool used to create one-time passwords is known as token. The token could be a small hardware tool that you can keep in your keychain, or software token set up on the computer or smartphone.
When the user enters the one-time password just produced by the token, the password is sent to a verifying server. This is where the password is verified, and the user’s verification request is approved or denied. For this method to work, both the token and the verifying server should use the similar algorithm for password creation. In this way, at any instant in time, the same password is created at both the sides.
Apart from it, E-commerce websites also need OTP to secure transactions of customers. OpenCart SMS extension is one of the best ways to do it.
Overall, a one-time password is a password that is suitable for only single use, and for inadequate time-period. Tokens that create OTPs could be integrated in hardware or software.Tokens could be moreover synchronous or asynchronous and in which, synchronous tokens could be counter-based or time-based.