Authenticators that include the guide entry of the authenticator output, including out-of-band and OTP authenticators, SHALL NOT be regarded verifier impersonation-resistant as the guide entry would not bind the authenticator output to the particular session remaining authenticated.Verifiers of look-up strategies SHALL prompt the claimant for anoth