A one-time password, more specifically a time-based one-time password (TOTP), is a method of multi-factor authentication (MFA).

Why should I care?

Stolen credentials are a recurring problem on the Internet. One-time passwords make it a lot more difficult for someone to guess the password, as it is regenerated automatically on a regular basis.

Furthermore, since there is no communication between the authenticator app and the Website, this method of authentication is immune to eavesdropping.

How does it work?

You typically scan a bar code presented to you by the Website with a one-time password application like Google Authenticator. This imports the seed used to generate random passwords into the authenticator app.

Once the initial key has been imported, both the application and the Website will generate the same random password at the same time without communicating with each other.

Once the Website prompts you for the one-time password, just read it on the authenticator app and enter it in the Website input field.