A One Time Password (OTP) is a unique code/token generated by your application, sent to a user via SMS text and then entered into your application login/signup flow for additional security.
- People supply a mobile number when they join your service
- You generate a unique code and merge it into an SMS text using our easy SMS API
- The user types the code into a form on your server and you verify the code matches
- You delete the code after a successful login or after a period of time
One-Time Passwords are only effective for a fixed period of time and become invalid once the user logs in, making them exceptionally useful against spyware such as key logging programs.
One you have built One Time Passwords into your activation/signup flow a One Time Password will be texted every time a login attempt is made. This flow will dramatically improve account security.