One Time Password (OTP) Solution for Two Factor Authentication: A Practical Case Study

Abstract

Currently, static passwords are no longer secure, they expose accounts and data, more advanced and sophisticated approaches are required to guarantee user authentication and operations in digital systems. In this context, this study investigates how in a practical application, addressing security challenges in user authentication using One Time Passwords (OTP) can strengthen two-Factor Authentication (2FA), the use of a sec factor for authentication has gained popularity and using an OTP adds an extra layer of protection, strengthening security beyond the traditional password. Furthermore, it is important to highlight that currently transactions between existing systems are largely carried out through smartphones with specific applications due to convenience and widespread presence in modern life. The objective of this study focuses on generating an OTP solution for two-factor authentication in a practical case based on an applied research methodology. The application of this methodology results in an effective system, improving two-factor authentication by providing security for user access with static passwords, even if someone gains access to the user’s password, they still need the OTP code to access. This article presents an authentication system for 2FA that includes generation and delivery of the access code based on events (HOTP) or time (TOTP) and uses mobile and email applications for OTP code delivery. The entire authentication process from enabling 2FA on the user account to verifying and validating is comprehensively covered.