Skip navigation
HOTP and TOTP

HOTP / Mobile Passcodes

For all application integrations, Duo uses HOTP, or HMAC-based one-time password (OTP) to generate passcodes for authentication.

Duo Mobile allows users to generate event-based passcodes that are valid until they have been used. Duo also supports the use of most HOTP-compatible hardware tokens for two-factor authentication.

TOTP

Some websites and online services let you protect your account with a mobile-generated passcode. Duo Mobile can generate these time-based one-time passcodes (TOTP) for all third-party sites, letting you keep all of your accounts in one app.

TOTP-based two-factor authentication involves generating a temporary, unique passcode that only works for a certain amount of time, typically 30-60 seconds. After generating the passcode, a user must type it in manually to authenticate for access.

See how Duo Mobile can support third-party accounts.

Trusted Users

The use of TOTP and HOTP is one of many two-factor authentication methods that Duo supports to ensure Trusted Users, part of a complete Trusted Access solution.

Ready to Get Started?

Try out Duo Access for 30 days to experience Trusted Access.