Quiz Entry - updated: 2026.06.01
How does a TOTP (Time-based One-Time Password) login work, and what's the formula?
Token displays OTP = f(key, current_time_window) that changes every ~30 seconds. User types both their password and the current OTP. Server computes the same and compares.
The flow:
- User enters password →
1. passwordto server. - Token (RSA SecurID, Google Authenticator, etc.) shows a number — say
359702— derived from a shared secret key and the current time bucket. - User types the OTP →
2. TOTPto server. - Server, knowing the shared key, computes the expected TOTP for the current time window and compares.
The formula: OTP = HMAC(key, T) truncated to 6 digits, where T = floor(current_time / 30 seconds).
Why time-based:
- No need for a back-channel between token and server — the "challenge" is just the wall clock.
- Server typically accepts the previous, current, and next time window to tolerate small clock drift.
Strengths and weaknesses:
- Strength: the secret never travels; old OTPs are useless 30 s later.
- Weakness: no transaction binding — the OTP says only "I'm here right now", not "I authorise transferring CHF 5000 to account X". A man-in-the-browser can hijack the session after the OTP is consumed.
Tip: Google Authenticator, Authy, 1Password, and most "authenticator apps" implement RFC 6238 (TOTP).