An organization wants to add an extra authentication factor that produces a numeric code derived from a shared secret and the current time. The code changes every 30 seconds and becomes invalid once that interval expires. Which authentication factor best meets this requirement?
Time-based one-time passwords (TOTP) rely on a shared secret and the present time to generate a unique code every set interval (commonly 30 seconds). After that period, the code cannot be reused, sharply limiting the window in which an attacker could exploit it. Event-based HOTP tokens change only when triggered, static PINs never change, and fingerprint scans are biometric factors rather than time-dependent codes.