EAP-POTP Authentication Protocol
EAP-POTP (Protected One-Time Password), which is described in RFC 4793, is an EAP method developed by RSA Laboratories that uses one-time password (OTP) tokens, such as a handheld hardware device or a hardware or software module running on a personal computer, to generate authentication keys. EAP-POTP can be used to provide unilateral or mutual authentication and key material in protocols that use EAP.
The EAP-POTP method provides two-factor user authentication, meaning that a user needs both physical access to a token and knowledge of a personal identification number (PIN) to perform authentication.
Refer to the [Server_Settings] Section of the securid.ini File in Chapter 3, Authentication Configuration Files of the Steel-Belted Radius Carrier Reference Guide for specifying settings for this protocol.