[&] What does TOTP stand for in the context of OTP?
- Time-Based One-Time Password
- Template-Based One-Time Password
- Temporary One-Time Password
- Transaction One-Time Password

[&] What might indicate a weak implementation of OTP security?
- OTP codes do not have rate limiting protections
- OTP validity is short and codes expire quickly
- OTP codes are generated using random numbers
- OTP codes are frequently updated

[&] Which of the following is a major advantage of OTP?
- Time sensitivity and temporary availability
- Permanence and reusability
- Simplicity of storage
- Complexity in creation

[&] What is the primary purpose of implementing OTP in authentication mechanisms?
- To speed up the login process
- To enhance the security by providing a second layer of identity verification
- To reduce server load
- To encrypt user passwords

[&] How does OTP rate limiting protect against brute force attacks?
- By encrypting outgoing OTP messages
- By sending OTPs via two different channels
- By limiting the length of OTP codes
- By restricting the number of OTP verification attempts within a time period

[&] Why might long validity periods of OTPs be considered insecure?
- They increase the complexity of code generation
- They can be reused multiple times
- They require more server resources to process
- They offer more opportunities for interception by attackers