This document discusses using one-time passwords to prevent phishing attacks. Phishing involves attackers setting up fake websites to steal users' confidential information. To address this, the document proposes authenticating users with one-time passwords delivered over a secondary channel rather than static passwords. This would require the attacker to know the user's account, secondary channel identity and password to intercept the OTP, making phishing more difficult to succeed. The document outlines how OTP authentication works and its security advantages over traditional passwords.