A One-Time Password (OTP) is a password that is valid for a single use only; once used, it cannot be used again for authentication. A Yubico OTP is a unique sequence of characters generated every time the YubiKey button is touched. The Yubico OTP consists of a sequence of 32 Modhex characters representing information encrypted with a 128-bit AES key (AES-128).
The information that makes up a Yubico OTP consists of:
- The private identity of the YubiKey
- Counter fields tracking how often the YubiKey has been used
- A timer field tracking the time between generating each OTP
- A random number to add further security to the encryption
- A closing CRC16 checksum of all the fields
For more information about which YubiKeys support the Yubico OTP, see YubiKey Hardware.
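The field list above, as an added Python example (not Yubico's code) that parses a decrypted 16-byte block and checks its CRC16 and counters the way a validator would. It assumes the field widths of Yubico's published token layout (6-byte private identity, 2-byte usage counter, 3-byte timer, 1-byte session counter, 2-byte random number, 2-byte CRC16); the AES-128 decryption step is left out because the Python standard library has no AES, and all function names and sample values are made up for illustration.

```python
import struct

MODHEX = "cbdefghijklnrtuv"  # modhex digit at index i stands for hex digit i
CRC_OK_RESIDUE = 0xF0B8      # CRC16 over a whole valid block, checksum included

def modhex_decode(text):
    """32 modhex characters -> 16 bytes, i.e. one AES-128 ciphertext block."""
    if len(text) % 2 or any(ch not in MODHEX for ch in text):
        raise ValueError("not a modhex string")
    nibbles = [MODHEX.index(ch) for ch in text]
    return bytes(hi << 4 | lo for hi, lo in zip(nibbles[::2], nibbles[1::2]))

def crc16(data):
    """Bitwise CRC16 (ISO 13239: init 0xFFFF, reflected polynomial 0x8408)."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc

def parse_block(block):
    """Split a decrypted 16-byte block into its fields after checking the CRC."""
    if len(block) != 16:
        raise ValueError("expected one 16-byte block")
    if crc16(block) != CRC_OK_RESIDUE:
        raise ValueError("CRC16 mismatch: wrong AES key or corrupted OTP")
    uid, use_ctr, t_lo, t_hi, sess_ctr, rnd, _crc = struct.unpack("<6sHHBBHH", block)
    return {"private_id": uid.hex(), "use_counter": use_ctr,
            "session_counter": sess_ctr, "timer": t_hi << 16 | t_lo, "random": rnd}

def is_replay(last_seen, fields):
    """True unless the counters moved past the last accepted OTP (hypothetical helper)."""
    current = (fields["use_counter"], fields["session_counter"])
    return current <= (last_seen["use_counter"], last_seen["session_counter"])

def build_block(uid, use_ctr, sess_ctr, timer, rnd):
    """Constructed test data: pack the fields and append the inverted CRC."""
    body = struct.pack("<6sHHBBH", uid, use_ctr, timer & 0xFFFF, timer >> 16, sess_ctr, rnd)
    return body + struct.pack("<H", crc16(body) ^ 0xFFFF)

# Constructed sample values, not taken from a real YubiKey.
SAMPLE = build_block(bytes.fromhex("010203040506"), 19, 17, 0x0A1B2C, 0xBEEF)

if __name__ == "__main__":
    print(parse_block(SAMPLE))
```

A block decrypted with the wrong AES key fails the CRC check, and an OTP whose counters have not advanced past the last accepted one is rejected as a replay.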