Authenticators that involve the manual entry of an authenticator output, including out-of-band and OTP authenticators, SHALL NOT be viewed as verifier impersonation-resistant since the guide entry does not bind the authenticator output to the precise session currently being authenticated.The authenticator output is attained by using an permitted bl