The verifier SHALL use accredited encryption and an authenticated protected channel when amassing the OTP so that you can offer resistance to eavesdropping and MitM attacks. Time-primarily based OTPs [RFC 6238] SHALL have a defined life span that is set through the predicted clock drift — in either path — on the authenticator above its life tim