
How to implement Secure OTP Login?

OTP (One-Time Password or PIN) login is quite popular in most programming languages. However, you need to make it secure by following these practices:

  • Limit Login Attempts – Limit login attempts to 3 to 5
  • Block Excess Attempts – If there are more than 10 attempts in the last 24 hours, block the user/IP
  • Expiry Time – Expire the OTP in 2 to 5 minutes
  • OTP Reset – Reset the OTP once it has been validated (successful login)

You can change these numbers based on your application's requirements.
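
The four practices above combined in one verifier, as an added example that is not code from the original page. The class and method names, the in-memory dictionaries, the injectable clock, and the choice of 3 attempts and 180 seconds from the page's ranges are assumptions.

```python
import hashlib, hmac, secrets, time

MAX_TRIES_PER_OTP = 3     # page: limit attempts to 3 to 5
MAX_TRIES_PER_DAY = 10    # page: block user/IP above 10 attempts in 24 hours
OTP_TTL = 180             # page: expire in 2 to 5 minutes (seconds)
DAY = 24 * 3600

class OtpLogin:
    """In-memory sketch (assumed design); a real service uses a shared store."""
    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}    # user -> [salt, digest, expires_at, tries_left]
        self.attempts = {}   # "user:x" / "ip:y" -> timestamps of attempts

    @staticmethod
    def _digest(salt, code):
        return hashlib.sha256(salt + code.encode()).digest()

    def issue(self, user):
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, not the random module
        salt = secrets.token_bytes(16)
        self.pending[user] = [salt, self._digest(salt, code),
                              self.clock() + OTP_TTL, MAX_TRIES_PER_OTP]
        return code   # send out of band; keep only the salted digest, never log it

    def _over_daily_limit(self, key, now):
        recent = [t for t in self.attempts.get(key, []) if now - t < DAY]
        recent.append(now)
        self.attempts[key] = recent
        return len(recent) > MAX_TRIES_PER_DAY

    def verify(self, user, ip, code):
        now = self.clock()
        # Record the attempt against both the user and the IP before any other check.
        flags = [self._over_daily_limit(k, now) for k in (f"user:{user}", f"ip:{ip}")]
        if any(flags):
            return "blocked"
        entry = self.pending.get(user)
        if entry is None:
            return "no_otp"
        salt, digest, expires_at, _ = entry
        if now >= expires_at:
            del self.pending[user]
            return "expired"
        entry[3] -= 1
        ok = hmac.compare_digest(digest, self._digest(salt, code))
        if ok or entry[3] == 0:
            del self.pending[user]   # reset on success; burn OTP when tries run out
        return "ok" if ok else "invalid"
```

A replayed code returns `no_otp` because the entry is deleted on first success, and the comparison uses `hmac.compare_digest` so it runs in constant time.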