In today's fast paced world, what is a password still worth? Numerous cases show that a verification based upon a single factor can prove to be a bit thin. In 2012 both Yahoo! and LinkedIn had to report stolen passwords, same for Twitter in 2013. Next to hackers, there is the threat of phishing, brute force and man-in-the-middle attacks. If someone obtains your password, they are in.
One Time Password (OTP) creates an extra layer of authentication based on something you know and something you have. During the authentication process an extra password is required. That password is used only once, is valid for a limited time and generated on the spot. Sometimes this password is generated by a key ring that spits out a new number every so-many seconds. Nowadays you see more and more OTP’s being generated online and sent to you through an app, an SMS text message or a voice message. Now you need more than a password to log-in on someone else’s behalf. An extra factor of authentication is added, that is why OTP is also called a two-factor authentication (2FA) method.
In practice it is really simple. After you have entered your username and password you will be prompted for an extra code. This code will then be generated on a server and send to you by push notification (received by an app), SMS or voice message.