Dunno enough about cryptography to say anything interesting. So the only thing that comes to mind is replay of a time-based one-time password (such as RFC 6238), though you still need to get the time and password.