[This feature is a licensed version feature] If you need a license, you can obtain a 30-day license from the [Program Key Issuance] page.

Let’s learn about OTP, which is commonly used for online banking or as an additional authentication feature. OTP stands for One Time Password, a one-time password.

The feature provided by BerEditor is Time-Based One Time Password. This is a standard technology defined in RFC 6238. In fact, one of the most important aspects of Time-Based OTP is the time.

In reality, the time on the OTP device is inaccurate. Even if the OTP time error decreases, the server side that verifies the OTP value considers the difference between the forward and backward times.

The server then records the error corrections to ensure continued use. However, if the error exceeds a certain amount of time, the OTP time must be reset. The time set in BerEditor is localTime.

That is, it can be viewed as +9 hours from UTC time. For example, if UTC time is 1970.01.01 00:00:01, the local time would be 1970.01.01 09:00:01.

Executing the OTP

Let’s use BerEditor to obtain the OTP value specified in RFC 6238. In BerEditor, go to Password->Generate OTP. Let’s do this.

• 1: Execution Time Setting
• 2: Set the hash used during generation
• 3: Set the time interval (seconds)
• 4: OTP generation number length
• 5: Set the OTP generation key
• 6: Execute OTP generation

Example OTP result

• Input time: 2025-10-27 11:48:28
• Hash Mode: SHA256

• Time Interval: 60 (sec)

• OTP length: 6
• Key: 12345678901234567890 (Hex)

Result Screen

Generated as shown on the screen The TOPT value is 732086.

And the T value is 000000000001BFFB28.

Time-based OTP uses the actual key value and the T value as an HMAC, and then calculates the TOTP value at a specific location.

The date and time values ​​here represent the current time, but internally, the UTC standard time is used.