How OTP is the Most Secure Authentication Method Amongst All?



An OTP system can only use truly haphazard OTPs if the OTP is produced by the authenticator and sent (most probably out-of-band) to the user; or else, the OTP must be separately produced by each party, requiring a repeatable, and thus only pseudo-random, algorithm.

Even though OTPs are in some ways more secure than a static one, users of OTP systems are still weak to man-in-the-middle attacks. OTPs should then not be revealed to any third parties, and using an OTP as single layer in layered security is protected than using OTP alone; one method to implement layered security is to use an OTP in grouping with a password that is remembered by the user (and never sent to the user, as OTP bulk SMSs frequently are).

A benefit to using layered security is that a single sign-on linked with one master password or password manager becomes secure than using only single layer of security during the sign-on, and therefore the problem of password weariness is ignored if one generally has long sessions with different passwords that would require being entered mid-session (to open diverse documents, websites, and applications); however, the shortcoming of using different forms of security all at once during a single sign-on is that one has the problem of more security provisions during every login—even if one is logging in only for a succinct usage of the computer to access details or an application that doesn't need as much safety as some other top-secret products that computer is used for.

Write a comment

Comments: 0