An organization wants to add an extra authentication factor that produces a numeric code derived from a shared secret and the current time. The code changes every 30 seconds and becomes invalid once that interval expires. Which authentication factor best meets this requirement?
Time-based one-time passwords (TOTP) rely on a shared secret and the present time to generate a unique code every set interval (commonly 30 seconds). After that period, the code cannot be reused, sharply limiting the window in which an attacker could exploit it. Event-based HOTP tokens change only when triggered, static PINs never change, and fingerprint scans are biometric factors rather than time-dependent codes.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.