What is HOTP? Counter-Based OTP Explained
HOTP — HMAC-based One-Time Password — explained. The RFC 4226 algorithm, how it differs from TOTP, hardware-token use cases, and modern alternatives.
StartMessaging Team
Engineering
HOTP is the older, less famous cousin of TOTP. It is the original HMAC-based OTP scheme defined in RFC 4226 and is the algorithm that powered the early generation of hardware authentication tokens — the small key-fobs with a button and an LCD that you might have used to log into a corporate VPN in 2010.
This guide covers what HOTP is, how the algorithm works, when you would still pick it over TOTP today (rarely), and the modern alternatives most teams should reach for.
HOTP — Definition
HOTP — HMAC-based One-Time Password — derives a short numeric code by hashing a shared secret with a monotonically increasing counter. It was published as RFC 4226 in 2005 and inspired TOTP three years later.
Each press of the button on a HOTP token (or each call from a HOTP software client) increments the counter and emits a new code. The code does not change with time — it changes with use. A code printed on a scratch card and left in a drawer for a year is still valid; a code from yesterday’s login is not, because both client and server have moved on.
How HOTP Works
```
// Inputs: secret K, counter C (8-byte big-endian integer)
HMAC = HMAC-SHA1(K, C)                       // 20 bytes
offset = HMAC[19] & 0x0F                     // last nibble selects the start byte
truncated = (HMAC[offset]   & 0x7F) << 24    // mask sign bit → 31-bit value
          | (HMAC[offset+1] & 0xFF) << 16
          | (HMAC[offset+2] & 0xFF) << 8
          | (HMAC[offset+3] & 0xFF)
code = truncated % 10^d                      // d = 6 usually; zero-pad to d digits
```
On each verification, the server tries the expected counter value plus a small look-ahead window (commonly 10) to forgive accidental increments where the user pressed the button but never typed the code. After a successful verification, the server's counter advances past the last accepted value to prevent replay.
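The algorithm above, together with the server-side look-ahead and counter-advance logic, as an added worked example (not code from the original article or from StartMessaging). It uses only the Python standard library; the `HotpVerifier` class and its `look_ahead` parameter are assumptions of this example, not names from RFC 4226. The secret `12345678901234567890` is the published RFC 4226 test-vector key, so the generated codes can be checked against Appendix D of the RFC.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation, then reduce modulo 10^digits and zero-pad."""
    # RFC 4226 requires the shared secret to be at least 128 bits (160 recommended).
    msg = struct.pack(">Q", counter)                     # counter as 8 bytes, big-endian
    mac = hmac.new(secret, msg, hashlib.sha1).digest()   # 20-byte HMAC-SHA1
    offset = mac[19] & 0x0F                              # last nibble picks the start byte
    truncated = (
        (mac[offset] & 0x7F) << 24                       # drop the sign bit -> 31-bit value
        | (mac[offset + 1] & 0xFF) << 16
        | (mac[offset + 2] & 0xFF) << 8
        | (mac[offset + 3] & 0xFF)
    )
    return str(truncated % 10 ** digits).zfill(digits)


@dataclass
class HotpVerifier:
    """Server-side state for one enrolled HOTP token (example class, not from the RFC)."""
    secret: bytes
    counter: int = 0      # next counter value the server expects
    look_ahead: int = 10  # how many extra counter values to try (the drift window)
    digits: int = 6

    def verify(self, code: str) -> bool:
        # Try the expected counter and the next `look_ahead` values, so a user who
        # pressed the button a few times without typing the code is not locked out.
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, c, self.digits), code):
                # Advance past the accepted value: the same code can never be replayed,
                # and any code from an earlier counter is now rejected too.
                self.counter = c + 1
                return True
        # Failed attempts should also be throttled/locked by the caller (RFC 4226 §7.3);
        # the window multiplies the guessing surface of a 6-digit code by look_ahead + 1.
        return False


if __name__ == "__main__":
    key = b"12345678901234567890"            # RFC 4226 Appendix D test-vector secret
    for c in range(3):
        print(c, hotp(key, c))               # 755224, 287082, 359152 per the RFC
    server = HotpVerifier(key)
    # Constructed scenario: user presses the token twice without logging in (counters 0, 1
    # burned), then types the third code. Look-ahead absorbs the drift; replay is refused.
    print("accepted", server.verify(hotp(key, 2)), "next counter", server.counter)
    print("replayed", server.verify(hotp(key, 2)))
```

Note that `HotpVerifier` keeps state in memory only; a real deployment must persist the counter atomically (one database row per token, updated in the same transaction as the accept decision), otherwise two concurrent logins could both accept the same code.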
HOTP vs TOTP
| | HOTP (RFC 4226) | TOTP (RFC 6238) |
|---|---|---|
| Counter source | Per-use counter | Current 30-second window |
| Re-use prevention | Server tracks last counter | Server tracks last accepted window |
| Code rotation | On user action | Every 30s automatically |
| Out-of-sync risk | Yes — needs look-ahead | Yes — needs ±1 window for clock drift |
| Modern adoption | Legacy hardware tokens | Authenticator apps (default) |
For a deeper TOTP write-up see our TOTP explainer.
Where HOTP is Still Used
- Hardware tokens. Many YubiKey and Feitian models have a HOTP button mode for legacy compatibility.
- Air-gapped environments. Where you cannot rely on a synchronised clock, HOTP avoids the drift problem.
- Printed scratch-card OTPs. A pre-generated list of HOTP codes printed in a passbook, used in some banking products.
Pitfalls
- Drift. Counter desynchronisation is the #1 source of support tickets. Tune the look-ahead window carefully — too small and you lock users out, too large and you increase brute-force surface.
- Replay. Always advance the server counter past the last accepted value.
- Hardware loss. A HOTP key is single-purpose; users will lose them. Plan recovery flows up front.
Modern Alternatives
Most products that would historically have picked HOTP now reach for one of:
- TOTP — same crypto, no counter sync issues.
- SMS OTP — universal handset support, instant delivery via a managed OTP API.
- FIDO2 / passkeys — phishing-resistant, no shared secret to leak.
FAQ
For most Indian-market apps, the practical answer is SMS OTP via StartMessaging for primary auth and TOTP as an opt-in upgrade. HOTP rarely earns its slot on the menu in 2026.
Related Articles
TOTP — Time-Based One-Time Password — explained: how the RFC 6238 algorithm generates 6-digit codes, how it differs from SMS OTP, when to use it, and how to implement it.
OTP (One-Time Password) explained: how it works, where it is used, the difference between SMS OTP, TOTP, HOTP, and Voice OTP, and how to add OTP to your app safely.
Two-Factor Authentication (2FA) explained in plain English. The three factor categories, common 2FA methods, OTP vs TOTP vs passkeys, and how to add 2FA to your product.
Ready to Send OTPs?
Integrate StartMessaging in 5 minutes. No DLT registration required.