Security tokens and devices

There are different types of tokens that have different time limits; let us look at the difference between the Time-Based One-Time Password and HMAC-based one-time password:

  • Time-Based One-Time Password (TOTP): A TOTP requires time synchronization, because the password needs to be used in a very short period of time, normally between 30 and 60 seconds. Here, we can see the TOTP that has come to a phone—it can also come to a device similar to the RSA Secure ID shown earlier in this chapter. TOTP could be used when you want to access secure cloud storage:
Figure 18: TOTP
  • HMAC-based One-Time Password (HOTP): A HOTP ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.