from Wikipedia
One-time passwords are vulnerable to social engineering attacks in which phishers steal OTPs by tricking customers into providing one or more OTPs that they have used in the past.
In late 2005, customers of a Swedish bank were tricked into giving up their one-time passwords (The Register article).
In 2006, this type of attack was used on customers of a US bank (Washington Post Security Blog).
Even time-synchronized OTPs are vulnerable to phishing, by two methods. First, the attacker may use the password as quickly as the legitimate user would, if the attacker can obtain the OTP in plaintext quickly enough (before its validity window closes).
The other type of attack, which may be defeated by OTP systems implementing the hash chain as discussed above, is for the phisher to use the information gained by this social-engineering method (past OTP codes which are no longer valid) to predict what OTP codes will be used in the future.
For example, an OTP generator that is pseudo-random rather than truly random may be compromised, because pseudo-random sequences are often predictable once an attacker has a set of past OTP codes.
An OTP system can only use truly random OTPs if the OTP is generated by the authenticator and transmitted (presumably out-of-band) to the user; otherwise, the OTP must be independently generated by each party, necessitating a repeatable, and therefore merely pseudo-random, algorithm.
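The two properties described above can be checked with a small simulation: a Lamport-style hash chain verifier, where each OTP is a preimage of the previously accepted value (so disclosed past codes cannot be turned into future ones and a used code cannot be replayed), and an RFC 6238 TOTP generator, where a code is only worth anything inside its time step. This is an added example written for this page, not code from Wikipedia or from any particular OTP product; the `HashChainClient`/`HashChainServer` names, the chain length `n`, and the seed value are constructed for illustration. The TOTP function is checked against the published RFC 6238 SHA-1 test vectors.

```python
import hashlib
import hmac


def H(data: bytes) -> bytes:
    """One-way function used for the hash chain (SHA-256 here)."""
    return hashlib.sha256(data).digest()


def iterate(seed: bytes, times: int) -> bytes:
    """Apply H `times` times to `seed`, i.e. compute H^times(seed)."""
    value = seed
    for _ in range(times):
        value = H(value)
    return value


class HashChainClient:
    """Holds the secret seed; the i-th OTP handed out is H^(n-i)(seed)."""

    def __init__(self, seed: bytes, n: int):
        self.seed = seed
        self.remaining = n  # next OTP to emit is H^(remaining-1)(seed)

    def enrol(self) -> bytes:
        # The chain head H^n(seed) is the only thing the server ever stores.
        return iterate(self.seed, self.remaining)

    def next_otp(self) -> bytes:
        self.remaining -= 1
        return iterate(self.seed, self.remaining)


class HashChainServer:
    """Verifier: accepts `otp` only if H(otp) equals the last accepted value."""

    def __init__(self, chain_head: bytes):
        self.last_accepted = chain_head

    def verify(self, otp: bytes) -> bool:
        # Constant-time comparison; on success the accepted OTP becomes the
        # new anchor, so the same code can never be accepted twice.
        if hmac.compare_digest(H(otp), self.last_accepted):
            self.last_accepted = otp
            return True
        return False


def hash_chain_demo(n: int = 5) -> dict:
    """Simulate a login, a replay, and a phisher who only knows past codes."""
    seed = b"constructed-demo-seed-not-for-real-use"  # constructed; use secrets.token_bytes()
    client = HashChainClient(seed, n)
    server = HashChainServer(client.enrol())

    first = client.next_otp()                 # H^(n-1)(seed), the legitimate login
    accepted = server.verify(first)
    replayed = server.verify(first)           # same code a second time: rejected

    # A phisher holding `first` can only hash forward, which reproduces values
    # the server has already moved past; the next valid OTP is a preimage of
    # `first`, unreachable without the seed.
    guess_accepted = server.verify(H(first))

    second = client.next_otp()                # H^(n-2)(seed)
    second_accepted = server.verify(second)
    return {
        "first_accepted": accepted,
        "replay_accepted": replayed,
        "phisher_guess_accepted": guess_accepted,
        "second_accepted": second_accepted,
    }


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (the default algorithm in the RFC)."""
    counter = unix_time // step
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp_verify(secret: bytes, code: str, now: int, step: int = 30, digits: int = 6) -> bool:
    """Strict verifier: only the code for the current time step is valid."""
    return hmac.compare_digest(totp(secret, now, step, digits), code)
```

The demo makes the difference between the two attacks concrete: `hash_chain_demo` shows that a used or hashed-forward code is rejected, so disclosed past codes buy the phisher nothing; `totp_verify` shows that a time-synchronized code is rejected once its step has passed, so the remaining exposure is only the window in which a relayed code can be used as quickly as the legitimate user would use it.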