Shared passwords, static credentials and the absence of meaningful authentication at the endpoint level remain among the most persistent vulnerabilities in operational technology environments. As IT-OT convergence deepens the attack surface, conventional IT authentication methods continue to break down when applied to air-gapped or legacy industrial systems.

This session examines a purpose-built alternative: one-time authentication codes that are time-bound, unidirectional and dynamic - delivering MFA-grade identity verification without requiring a two-way network connection.

In this session, Godfrey Gaston of swIDc will share insights on:

• Why authentication fails at OT endpoints and where shared credentials create risk;
• How one-time authentication codes provide identity verification in air-gapped environments;
• How OTAC-based authentication meets IEC 62443, NIS2 and other regulatory standards.