A password that's only valid once. It's supposedly more secure than a normal password; some implementations such as SecurID are, while some implementations permit the password to be sniffed off the wire or encourage the user to write the password down (e.g. running 'passwd' or equivalent at login time).