The verifier SHALL use authorised encryption and an authenticated shielded channel when amassing the OTP so that you can offer resistance to eavesdropping and MitM attacks. Time-based OTPs [RFC 6238] SHALL have an outlined lifetime that is decided through the predicted clock drift — in either direction — of your authenticator above its life tim