Introduction
In cybersecurity, the term O-T-P stands for One Time Password, and it’s a powerful tool. OTPs can perform a variety of functions, but one of the most common examples is as a form of 2FA, or two-factor authentication. At this point, many banking, investments, or other apps that house sensitive information require some form of 2FA. Many elect to receive text messages with a secure code, which they enter into the app for verification purposes. That code, typically 6 or 8-digits long, is an example of an OTP. And guess what… accoca can store OTP data directly in the app.
To anyone reading this article, it’s unlikely you are trembling with excitement, that’s understandable. However, the fact accoca has the ability to locally store OTP authentication codes is a convenient feature. It could allow for quicker access into a 2FA protected account in the event of an emergency. I’ll explain as we go. Let’s get into it!
Previous Articles
Below are links to some of Sola’s other articles about accoca. The articles take less than 5 minutes to read. They also help provide insight into both what accoca is as an app and how to generate hack passwords.
What is a Password Manager (Vault)
How to Generate Strong Passwords
Where to Download
One-Time Passwords
As briefly explained in the introduction, one-time passwords (OTPs) are temporary passwords that add an additional layer of security with a variety of applications. A common example is when accessing accounts housing sensitive data. As 2FA (two-factor authentication) was rising to prominence some ten or so years ago, few companies made incorporating it mandatory. Today, nearly all account logins requires the user to both input a password and provide a secondary means of verification.
In my many instances, OTPs are sent via text message. Upon providing the correct password, the user receives a text message with a 6 or 8-digit code. This code is then entered into the authentication page following the login screen. Providing the correct OTP will grant the user access. You may have noticed many platforms inform the user that the code is only valid for a certain period of time. The period could be anywhere from 60 seconds to 5 minutes, or any other interval. This timer aligns increases security by making the OTPs inherently temporary in nature.
The question arises then, if an OTP is not sent through a text message, how else can it be provided?
Other Forms of OTPs
In other instances, it’s possible to generate an OTP through an authentication app like Google Authenticator, Microsoft Authenticator, or Duo, just to name a few. Typically, when establishing 2FA for a particular account, the platform will ask which kind of two-factor method the user wants to use. After selecting authenticator or OTP, however the option may be called in that particular app, the user must then add a security token.
The security token is often referred to as an authentication key, and it a series of characters that provides the authentication the information necessary to then generate OTPs in the future. The key is often added to the authenticator app in the form of a QR code scan, or by directly typing the authentication key into the app. After adding the key, the authenticator app will then have permission to produce OTPs linked to that specific account and satisfy the 2FA requirements.
accoca and OTPs
Directly within the accoca app, when adding a new username and password, there’s an option in the add screen called One-Time Password. Tapping it will open up a submenu where accoca prompts the user to scan a QR code or enter the authentication key. Scanning the QR code to store an OTP is the same process as scanning any other QR code. The app will then store the key embedded in to the QR code and produce OTPs directly from the app. This saves time and is more convenient for the user because it forgoes the need to open a separate authenticator app when logging into an account.
Adding OTP credentials via the authentication key is a similar process but more intensive. The user will simply type the code character for character and when done, accoca can store that key as well for future use. After saving the new entry, re-opening it will automatically trigger the OTP and produce the 2FA login code directly from the app.
Conclusion
While receiving an OTP via text message is convenient, if you’re trying to access one of your accounts from a low signal or no signal area, that’s a problem. For that reason, using a password vault with a built-in authenticator app like accoca could be a real lifesaver.
As the reader, you can always try it out for yourself. Try adding a one-time password as one of the 2FA methods for an account you frequently use. Out of caution, you may NOT want to remove any other forms of 2FA like a text message until you’re comfortable saving the credentials and generating OTPs from accoca.
As always, if there are any suggestions for future article content, suggestions, or feedback, please leave a comment below. Alternatively, you can always reach out to the author directly at michael@sola.inc. Sola’s apps are free to try. Use the download link below to download the app from the AppStore and be sure to leave a review if you like it. If there are suggestions for improvements or changes within Sola’s apps you want in future updates, write the author and they can pass along your feedback to the development team.
Thanks again and we’ll catch you on the next one!
Leave a Reply