Which mechanism is commonly used in multi-factor authentication to provide a second factor via a time-based code?

The concept being tested is using a time-based one-time password as the second factor in multi-factor authentication. The mechanism that provides a code that changes with time is TOTP, which stands for Time-based One-Time Password. In practice, an authenticator app on your device and the authentication server share a secret key. The app combines that key with the current time to generate a short-lived code, typically valid for about 30 seconds. When you log in, you enter that code, proving you possess the device with the app, in addition to the password you know. Because the code changes over time and expires quickly, it adds a strong layer of security.

HOTP, by contrast, uses a counter to generate one-time passwords, not a time-based value, so it isn’t the time-based mechanism described. RADIUS and TACACS+ are authentication protocols used to transmit credentials and authorization requests; they aren’t the method that generates time-based codes for MFA.