Authentication - Use of Single-Factor One-Time Password Device, v1.0

A single factor one-time password device may be used for authentication and must adhere to rules found within NIST 800-63-3B: 5.1.4.

Assessment Steps (2)

1
OTP Authenticators (OTPAuthenticators)
Does the single factor OTP device adhere to NIST 800-63-3B: 5.1.4?
Artifact
A1
Provide evidence (e.g. policies, risk assessment documentation) that the use of OTP authenticator devices adheres to requirements.
Parameter
Type of OTP Devicerequired
ENUM : Software or Hardware OTP
  • software
  • hardware
2
OTP Verifiers (OTPVerifiers)
Does the single factor OTP verifier adhere to NIST 800-63-3B: 5.1.4?
Artifact
A1
Provide evidence (e.g. policies, risk assessment documentation) that the use of OTP verifiers adheres to requirements.

Conformance Criteria (2)

C1
CSPs using single factor OTP authenticators must adhere to NIST 800-63-3B: 5.1.4.
Citation
NIST SP 800-63B
Section 5.1.4.1
C2
CSPs using single factor OTP verifiers must adhere to NIST 800-63-3B: 5.1.4.
Citation
NIST SP 800-63B
Section 5.1.4.2