How We Secure: Authentication Methods
One Time Password (OTP)
SurePassID Universal MFA supports open standard time-based and event-based authentication in multiple delivery methods.


OTPs of any numeric length for secure, compliant authentication
One time passwords (OTPs) are an authentication method used as part of two-factor authentication (2FA) and multi-factor authentication (MFA):
Something you know (Username/Password)
+
Something you have (One Time Password)
OTPs are unique passwords that are only valid for a single login session for a defined period of time. OTPs are generated via the open standard OATH HOTP (event-based) or TOTP (time-based) algorithm. A variety of user authenticators can be used to generate OTPs, or they can be generated separately and sent to users via SMS, IVR, email or other means.
Advantages
Disadvantages
- Open standards-based (OATH)
- Event-based (HOTP) or time-based (TOTP)
- Can work offline, depending on the authenticator
- Can be generated by a wide variety of authenticators
- Can be generated and sent to user
- Not vulnerable to replay attacks
- Not vulnerable to man-in-the-middle (MITM) attacks, depending on the authenticator
- Less convenient – requires user to manually enter OTP
- Added cost, if issuing OTP hardware tokens
- Users can’t auto-provision, if issuing OTP hardware tokens
- Can be lost or stolen, if issuing OTP hardware tokens or using OTP mobile apps with issued phones or BYOD