OTP Over SMS

The OTP Over SMS authentication method uses Time-based One-Time Passwords (TOTP) to secure user access. This method involves sending a one-time passcode to the user's registered mobile number, which must be entered to log into the application.

How OTP Over SMS Works
  1. OTP Generation and Delivery:
  • Requesting an OTP: When a user initiates a login attempt, a one-time passcode is generated and sent to their registered mobile number.

  • Entering the OTP: The user receives the OTP via SMS and enters it into the application to authenticate their identity.

  2. Time-Based Validity:
  • Passcode Duration: The OTP is valid for a limited time, typically between 30 and 60 seconds. After this period, the OTP expires and cannot be used, and the user must request a new one.
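
The issue-and-verify flow described above, sketched server-side as an added example; it is not miniOrange's code or the plugin's implementation. The `OtpStore` class, the 6-digit code length, the salted-hash storage, single-use deletion and the `MAX_ATTEMPTS` limit are assumptions that go beyond what this page states; SMS delivery is left to the configured gateway.

```python
import hashlib
import hmac
import secrets

OTP_TTL_SECONDS = 60   # upper end of the 30-60 s validity window described above
MAX_ATTEMPTS = 3       # assumption: attempt limit, not stated on the page


class OtpStore:
    """In-memory OTP store keyed by user; holds a salted hash, never the code."""

    def __init__(self):
        self._pending = {}

    def issue(self, user, now):
        """Create a 6-digit code for `user`; the caller hands it to the SMS gateway."""
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, keeps leading zeros
        salt = secrets.token_bytes(16)
        self._pending[user] = {
            "salt": salt,
            "digest": hashlib.sha256(salt + code.encode()).digest(),
            "expires": now + OTP_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user, code, now):
        """Return 'ok', 'expired', 'invalid', 'locked' or 'none'."""
        entry = self._pending.get(user)
        if entry is None:
            return "none"
        if now >= entry["expires"]:
            del self._pending[user]            # expired: user must request a new OTP
            return "expired"
        entry["attempts"] += 1
        candidate = hashlib.sha256(entry["salt"] + code.encode()).digest()
        if hmac.compare_digest(candidate, entry["digest"]):
            del self._pending[user]            # single use: a replayed code finds nothing
            return "ok"
        if entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[user]            # stop online guessing of a 6-digit space
            return "locked"
        return "invalid"

if __name__ == "__main__":
    store = OtpStore()
    code = store.issue("alice", now=1000.0)         # constructed user and clock
    print(store.verify("alice", code, now=1030.0))  # submitted inside the window
    print(store.verify("alice", code, now=1031.0))  # same code submitted again
```
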

 

Configuration Requirements

OTP Over SMS

SMS Gateway Setup: To use OTP Over SMS, you must configure an SMS gateway within the plugin. An SMS gateway is a system that manages the sending of SMS messages to mobile numbers.

Configure OTP Over SMS

There are two options for configuring the SMS gateway:

  • miniOrange Gateway: Utilizes miniOrange's own SMS gateway service for sending OTPs.

  • Custom Gateway: Allows integration with a third-party SMS gateway service of your choice.

For more details on setting up and choosing between these gateways, refer to the gateway configuration guide.

 

Security Considerations
  • Mobile Number Security: Ensure that the mobile number associated with the account is secure and not easily accessible to others.

  • SIM Swapping Protection: Consider additional security measures to protect against SIM swapping attacks, which can compromise OTP-based authentication.