The verifier SHALL use accredited encryption and an authenticated protected channel when amassing the OTP in order to provide resistance to eavesdropping and MitM attacks. Time-dependent OTPs [RFC 6238] SHALL have an outlined lifetime that is set via the envisioned clock drift — in both route — of the authenticator more than its life span, more