A time-based method for generating an authentication code associated with an entity uses an authentication code generated from a secret, a dynamic, time-varying variable, and the number of previous authentication code generations within the particular time interval. Other information such as a personal identification number (PIN) and a verifier identifier can also be combined into the authentication code.