Abstract : Traditional one-time password (OTP) systems rely on fixed-length numeric codes, making them vulnerable to replay attacks, phishing, and social engineering. This paper proposes an adaptive OTP generation framework that integrates AI-based risk assessment with context-aware two-factor authentication. The proposed system evaluates contextual metadata—including device information, geolocation, and user behavior—to classify risk levels in real time using a lightweight machine learning model. Based on the assessed risk, the OTP generation policy dynamically adjusts both length and character complexity. It produces simple six-digit numeric OTPs in low-risk scenarios and transitions to alphanumeric or symbolic OTPs exceeding ten characters in high-risk conditions. This adaptive strategy enhances security while preserving usability. The architecture is modular and platform-independent, enabling seamless deployment without cloud dependency or specialized hardware. Experimental evaluations demonstrate that the proposed system increases resistance to targeted attacks while maintaining authentication speed and user convenience. This work offers a practical and scalable enhancement to conventional authentication systems, particularly for mobile and resource-constrained environments.
Index terms : Adaptive OTP, Artificial Intelligence, Context-Aware Authentication, Risk Assessment, Two-Factor Authentication