In EAP One-Time-Password, the client sends a plaintext
one-time password to the server, which then checks the password and either
accepts or rejects the request. The one-time password is sent in the
clear, so it is subject to eavesdropping, and should not be used with
static password. EAP One-Time-Password does not support dynamic WEP
keys.
EAP One-Time-Password can work with Radiator AuthBy clauses
that support one-time passwords, such as AuthBy OTP, LDAPDIGIPASS and
SQLDIGIPASS.