The verifier SHALL use authorized encryption and an authenticated safeguarded channel when amassing the OTP so that you can present resistance to eavesdropping and MitM attacks. Time-based mostly OTPs [RFC 6238] SHALL have an outlined life span that is determined via the envisioned clock drift — in both course — on the authenticator more than i