Whether it is online payments or user access management, security is something that Gambit take seriously. We actively work to make sure that our solutions – mobile and web – are up to date in this increasingly important area.

One-­time passwords, or OTP, are becoming a common way to provide two­-step authentication. Time­-based one-­time password (TOTP) is a standardized method for delivering a one-­time password that expires quickly, usually 30 seconds after being generated.

The password is usually sent in a text message but you also have the option of installing an app on your phone that generates the code for you. These apps go by the name Authenticator and are available for most platforms.

Amazon, Google, Microsoft and many other sites already provide extra account security by allowing users to activate TOTP on login. At Gambit we are as well using TOTP to make sure our customer’s data stays protected.

Want to try it out yourself?

If you are a developer looking to add extra security to your website there is a free, pure PHP implementation called multiOTP that you can use. multiOTP supports many OTP authentication methods, TOTP being one of them. To get multiOTP up and running on a Debian Wheezy distribution, take a look at my guide.