RepairYour.Tech
security en

Time-based one-time password

security

Also called: TOTP

Plain-language definition

Plain-language definition

A short code generated from a shared secret and the current time.

Why it matters

TOTP adds a possession factor but users still need phishing awareness and secure recovery options.

Technical detail

TOTP derives a changing numeric value from a secret key and time step; verifier and authenticator clocks must remain close enough for accepted windows.

Examples

  • An authenticator app generates a new six-digit code every 30 seconds.

Sources and review

Reviewed July 12, 2026 by [email protected]. Next review due January 11, 2027.

  1. Digital Identity Guidelines Glossary — National Institute of Standards and Technology Accessed 7/11/2026

See something we should improve?

Suggest a correction to “Time-based one-time password.” Suggestions are reviewed before the published definition changes.

Press ? for shortcuts