Identity Automation ONE – One-Time Password (OTP)
A one-time password (OTP) is a password that is valid for only one login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming addressed by OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This means that a potential intruder who manages to record an OTP that was already used to log into a service or to conduct a transaction will not be able to abuse it, since it will no longer be valid. On the downside, OTPs are difficult for users to memorize. Therefore, they require additional technology, such as a token or application, to work. OTPs are in common use throughout the world for remote access. OTP is considered one of the stronger forms of authentication. Many organizations consider the use of OTP when supporting remote users.
Identity Automation ONE manages the lifecycle of OTP token seeds that are assigned to users; the token seeds are then associated with the user and a specific device, such as a token or mobile phone application. The common workflow for OTP is for a user to enter a six-digit code in conjunction with their username and an associated PIN. The codes are routinely entered in websites or VPN applications. The codes are generated on tokens or from within an application. Once validated, the user is permitted access to the application or website. 2FA ONE does not support Windows or Shared Workstation logon with OTP.
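
The workflow above (a six-digit code derived from the token seed, checked together with username and PIN, and accepted only once) is sketched below as an added example; it is not Identity Automation's code. It assumes time-based codes per RFC 6238 (HMAC-SHA1, 30-second step), which the page does not state, and `OtpValidator`, `pin_hash` and the sample user, seed and PIN are hypothetical.

```python
import hashlib
import hmac
import os
import struct

STEP = 30    # seconds per code: RFC 6238 default, an assumption (not from the page)
DIGITS = 6   # the page describes six-digit codes

def hotp(seed: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def pin_hash(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class OtpValidator:
    """Hypothetical server side: seed and PIN per user, each code usable once."""
    def __init__(self):
        self.users = {}

    def enroll(self, username: str, seed: bytes, pin: str) -> None:
        salt = os.urandom(16)
        self.users[username] = {"seed": seed, "salt": salt,
                                "pin": pin_hash(pin, salt), "last_counter": -1}

    def verify(self, username, pin, code, now, window=1) -> bool:
        user = self.users.get(username)
        if user is None:
            return False
        pin_ok = hmac.compare_digest(pin_hash(pin, user["salt"]), user["pin"])
        current = int(now) // STEP
        matched = None
        for counter in range(max(0, current - window), current + window + 1):
            if hmac.compare_digest(hotp(user["seed"], counter).encode(), code.encode()):
                matched = counter
        # Replay protection: a time step at or before the last accepted one is refused.
        if not pin_ok or matched is None or matched <= user["last_counter"]:
            return False
        user["last_counter"] = matched
        return True

if __name__ == "__main__":
    v = OtpValidator()
    v.enroll("alice", b"12345678901234567890", "4821")  # constructed sample values
    print(v.verify("alice", "4821", "287082", now=59))  # first use of the code
    print(v.verify("alice", "4821", "287082", now=59))  # same code replayed
```

The `window` parameter tolerates clock drift of one step either side; widening it also widens the period in which a captured but unused code remains valid.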