10-15-2025, 01:31 AM
Wondering if HOTP is the right fit for a field team that authenticates only a few times a day. They sometimes have no network and want a code that works on demand. TOTP has been okay in other apps, but time skew and dead batteries have caused headaches. With HOTP, I like the “press for a code” idea, yet I’m worried about counters drifting when people mash the button. What are the trade-offs, and how do you prevent runaway counter issues in the real world?