Why are OTPs more secure than static passwords? (Blog: OTP)