Which password concept is valid for a single session and becomes invalid after that session ends?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Which password concept is valid for a single session and becomes invalid after that session ends?

Explanation:
One-time password is designed to be used for a single authentication session and then becomes invalid. Because it is issued for one use, it cannot be reused in a later login, which helps prevent replay attacks if the code is captured or intercepted. Some OTPs are time-based, expiring after a short window, while others are single-use codes delivered at login time. This single-use, session-bound nature is what makes OTP the best fit for a credential that should not persist beyond one session. In contrast, a security key provides ongoing access across sessions, biometrics verify identity rather than serving as a one-time credential, and soft authentication tokens (like TOTP) generate new codes for subsequent logins, so they’re not inherently restricted to a single session.

One-time password is designed to be used for a single authentication session and then becomes invalid. Because it is issued for one use, it cannot be reused in a later login, which helps prevent replay attacks if the code is captured or intercepted. Some OTPs are time-based, expiring after a short window, while others are single-use codes delivered at login time. This single-use, session-bound nature is what makes OTP the best fit for a credential that should not persist beyond one session. In contrast, a security key provides ongoing access across sessions, biometrics verify identity rather than serving as a one-time credential, and soft authentication tokens (like TOTP) generate new codes for subsequent logins, so they’re not inherently restricted to a single session.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy