The verifier SHALL use approved encryption and an authenticated safeguarded channel when gathering the OTP so as to present resistance to eavesdropping and MitM attacks. Time-primarily based OTPs [RFC 6238] SHALL have a defined lifetime that is determined because of the envisioned clock drift — in possibly way — with the authenticator about its