Why are codes safer than static passwords?

Last Updated: Nov 16, 2015 10:34AM CET

Classic, static passwords are usually only changed or reset when they expire or when forgotten by the user, while codes have a limited validity and can only be used for one login session or transaction. Codes are generated by an authenticator, which means users no longer have to write down complex passwords or remember them.

Static passwords are cached on computer hard drives and stored on servers, which makes them susceptible to cracking. This is especially a concern for mobile devices such as laptops, tablets and smartphones, which are hot items among thieves.

Furthermore, codes provide protection against brute force attacks and social engineering.