time-based one-time password (TOTP)

Contributor(s): Colin Steele

A time-based one-time password (TOTP) is a temporary passcode, generated by an algorithm, for use in authenticating access to computer systems.

The algorithm that generates each password uses the current time of day as one of its factors, ensuring that each password is unique. Time-based one-time passwords are commonly used for two-factor authentication and have seen growing adoption by cloud application providers. In two-factor authentication scenarios, a user must enter a traditional, static password and a TOTP to gain access. 

There are various methods available for the user to receive a time-based one-time password, including:

  • hardware security tokens which display the password on a small screen;
  • mobile apps, such as Google Authenticator;
  • text messages sent from a centralized server.

Time-based one-time passwords provide additional security, because even if a user's traditional password is stolen or compromised, an attacker cannot gain access without the TOTP, which changes every 30 or 60 seconds. TOTP is an approved standard of the Internet Engineering Task Force (IETF). 


This was last updated in March 2014

Continue Reading About time-based one-time password (TOTP)

Dig Deeper on Web authentication and access control



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats






  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...