Authenticators that require the guide entry of an authenticator output, which include out-of-band and OTP authenticators, SHALL NOT be thought of verifier impersonation-resistant because the handbook entry does not bind the authenticator output to the precise session being authenticated.SHALL NOT be accessible to insecure communications amongst the