most common interview question #tech #backend #systemdesign #gratitude #coding #ytshorts #developer

Most people assume OTPs must be stored somewhere. That’s not always true.

This is typically done using Time-Based One-Time Passwords (TOTP).

Instead of storing the OTP, both the server and the client share a secret key in advance.

Here’s how it works:

1. The server takes:

* The shared secret key
* The current timestamp (rounded to a 30-second window)

2. It runs these through a hashing algorithm (usually HMAC).

3. The output is converted into a 6-digit OTP.

Now both sides (server and client/app) generate the same OTP independently because:

* They use the same secret
* They use the same time window

No storage needed.

When the user enters the OTP:

* Server simply recomputes the OTP using the same logic
* If it matches → valid
* If not → reject

Why 30 seconds validity?
Because the timestamp input changes every 30 seconds, which produces a new OTP.

Production insight:

* This eliminates database reads/writes for OTPs
* Reduces attack surface (nothing stored = nothing to leak)
* Still secure because attacker would need the secret key

This is exactly how apps like Google Authenticator work.
Save this for interviews
#techdevelopers #devlife #fullstackdev #codingrules #codingblog #codingsecrets #codingsuccess #dailydev
Share with a frontend or backend dev Follow for system design & full-stack fundamentals

#codinginterview #cleancoder #technicalinterview #codebuild #techinterviews #techinterview #keepcoding #codecareer #codementor #coderush

[software, coder, developer, frontend developer, backend engineering, system design, interview prep, software engineer, computer networks, computer science, cs students, programming, coding, web development, internet basics, tech reels, learn in public, FAANG, google, hiring, interviews, tips]

Видео most common interview question #tech #backend #systemdesign #gratitude #coding #ytshorts #developer канала TechKiKahani