US Patent 9378356 Two factor authentication using a one-time password

Methods and systems for online authentication eliminate the common username plus password combination, using instead a novel two-factor authentication that employs a mobile phone number and a one-time, limited life password. The user provides the mobile phone number to a login dialog and receives, from a service provider, the one-time password, e.g., via a text message, at the mobile device to which the phone number belongs. If the user enters the one-time password before it expires, the user is authenticated and logged in. A method for authentication or authorization to a website includes: receiving a phone number from a user via a communication network in response to a login prompt displayed to the user; transmitting a one-time password to the phone number using text messaging; and in response to receiving the one-time password back from the user, authenticating the user for transactions with the website.