To use the device, the customer begins a typical login process where the target system requests a username and password.
Instead of the typical username and password entry, the customer enters their username and then presses the button on their authenticator. For the password, the customer inputs their secret four digit PIN code followed by the six digit number displayed on the authenticator (without any dashes, spaces or pressing of the 'enter' key.)
For example, customer 'buffalor' has set a pin of 1111. When the customer is ready to log onto a system using OTP, the customer presses the button on the authenticator and the display reads '257324.' The customer would log in with:
Note: a PIN of 1111 is an unwise choice and just used here for clearer documentation.
If the customer waits too long to complete this action, the '257324' number may get 'stale' and stop working. This most often happens when the number is already a bit stale when the button is first pressed and the user is slow typing it in. In that case, the login is refused and the customer must repeat the process, pressing the authenticator button again and getting a new number.
Some people find it easier to get their username and PIN entered, and then getting the number from the authenticator to maximize the time you have to complete that action.
The number changes on the display every 32 seconds but the number is actually valid for a bit longer than that so you have some time to get logged in with any number displayed.