A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.
One-time password tokens are often used as a part of two-factor and multifactor authentication. The use of one-time password tokens hardens a traditional ID and password system by adding another, dynamic credential.
Depending upon the vendor, an OTP token will generate a PIN synchronously or asynchronously. Synchronous tokens use a secret key and time to create a one-time password. Asynchronous tokens use a challenge-response authentication mechanism (CRAM).
In the past, OTP security tokens were usually pocket-size fobs with a small screen that displayed a number. The number changed every 30 or 60 seconds, depending on how the token is configured and the user entered his or her user name and password, plus the number displayed on the token.
Today, OTP tokens are often software-based, and the passcode generated by the token is displayed on the user's smartphone screen. Software tokens make it easier for mobile users to enter authentication information and not have to keep track of a separate piece of hardware.
Multifactor authentication is especially important when it comes to protecting enterprise data. Knowing how to secure one-time password tokens to implement them in an MFA scenario will keep corporate data safe in the long-run. Understand how to distribute OTP to employees so that systems aren’t left open for attack.