OTP or one time password systems provide a method for logging on to a network or service through a unique password that can only be used one time, as the name implies. This restricts some types of identity theft by ensuring a captured username or password combination cannot be used second time.
Today, most enterprises, e-commerce websites and online communities need only a username and static password for signing in and access to personal and sensitive information. Although this verification method is suitable, it is not safe as online identity theft by using phishing, keyboard logging, man-in-the-middle attacks and other techniques is growing all over the world.
One-time password can be produced in different ways and each one has trade-offs in terms of convenience, security, price and accuracy. Some easy methods like transaction numbers lists and grid cards can give a set of one-time passwords. These methods provide low investment costs, but are deliberate, hard to manage, simple to replicate and share, and need the users to keep record of where they are in the password’s list.