OTP algorithm generating codes based on current time and a shared secret. Codes typically valid for 30 seconds. Used by apps like Google Authenticator and Authy.