What is a one-time password?

One-time password or OTP. While the corporate username and password are usually static. One-time passwords are only valid for a very short time. Just long enough to enable users to logon. The next time a user logs on, a new One-time password is delivered to the user. A one-time password is not vulnerable to brute-force attack or dictionary attacks. Because a one-time password is only valid for a very short period. Specially in a two-factor setup, even if you know the OTP, it is still useless without the other factor (username/password).

For this same reason the one-time password does not have to be very complex in a two-factor setup.

A SMS Password, in this context, is a password delivered by means of short text messaging on a mobile phone.

More information on how you can secure your environment using one-time passwords can be found here.