I am trying to add OTP functionality to login to an Android application. I am using node.js for the backend. Now I first thought about generating random numbers such as math.random().
I can easily create PTP on my server side, and I will store them in my MongoDB repository, then I will match them when the user enters OTP, but now I came across these prebuild modules for OTP, this is one Speakeasy https: // www.npmjs.com/package/speakeasy .
There are two types of HOTP / TOTP methods. I ask why someone will use these two and just not use random numbers. I mean, what is the use of HOTP / TOTP? If anyone has developed OTP functionality in any application / website, please enlighten me.
UPDATE
What is the general way to authenticate OTP on any Android device from the server, I mean applications like zomato, Airbnb, how do they check the user's OTP?
source
share