We can produce OTP with HOTP RFC 4226 and TOTP RFC 6238.
However, the generated OTP usually has a check function
authenticator.check(token, secret);, However, this only checks if the OTP is valid.
How to keep which
data such that it is encrypted in the system's memory and can not be accessed until after entering the OTP.