---
title: OTPs Must Have 20-bit Entropy Minimum
impact: MEDIUM
impactDescription: prevents OTP brute-forcing
tags: otp, entropy, authentication, 2fa, security
---

## OTPs Must Have 20-bit Entropy Minimum

This rule ensures high quality and security in Python and PySpark applications.

**Implementation Guidance:**
- Follow standard Python best practices (PEP 8)
- Use type hints for better clarity
- For PySpark, prefer DataFrame API over SQL strings where possible
- Ensure proper resource management (using \`with\` statements)