Difference Between an Authentication Token and an OTP (One Time Password)

Cryptography Asked by DaWNFoRCe on December 28, 2021

I would like to better understand why some people use the term One Time Password and other Authentication Token.

I have noticed that in academic circles, there is a differentiation between authenticated tokens (say a nonce and the signature of the nonce) vs. OTP’s, which I always saw as a family of such tokens, one that is either hardware or software aided, using some shared secret or seed and not a certificate itself.

In industry, I hear more and more people calling authenticated tokens OTP’s.. I actually start doubting myself, and could not find much material online that compares or even defines both. So I wonder the following:

What is the difference if any, in between these 2 concepts?

Can I use the terms interchangeably?

Are there standards that define what an OTP is and how it should look like?

Add your own answers!

Ask a Question

Get help from others!

© 2024 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP