With OpenAI’s recent launch of its new model, o1-preview, I thought I’d use it to tackle a project I’ve been wanting to roll out for some time: a one-time password (OTP) sharing tool.
What is an OTP Sharing Tool?
An OTP sharing tool allows secure, one-time password transmission to another person. It’s ideal for situations where passwords need to be shared quickly but safely. The concept is simple: you enter your password into the tool’s website, which generates a unique URL. You then share that URL with whoever needs the password. The recipient visits the URL and can view the password just once, after which it self-destructs.
Importance of Password Security
Security is the core reason behind this project. To build a truly secure OTP tool, encryption must happen entirely on the client side, embedding the encryption key directly into the sharing URL. This ensures that only the encrypted password is stored on the server, preventing scenarios where both the key and encrypted password are accessible at the same time.
I’ve attempted similar applications before using GPT-4 and other large language models, and while they often produce something that appears functional, there are always major security issues. For example, I’ve never seen one move encryption to the client side, and it often took significant effort to persuade these models that storing the encrypted password and the key within the same database table was a poor idea.
A New Standard in Security with o1-preview
However, using o1-preview for this project was a different experience. The code it produced was secure, sophisticated, and well-structured, and included a number of security recommendations I hadn’t considered.
I often compare ChatGPT to an eager junior developer: it generates mostly good code but can make simple mistakes. This makes it essential to review every line and thoroughly test each function before integrating it into an application.
Having used o1-preview for the last few weeks, it feels more like a coding mentor. It suggests sophisticated, well-thought-out solutions to a range of coding problems, and its ability to refactor (restructuring code without changing what it does) complex scripts is impressive.
In fact, one of its main weaknesses is that it can refactor a bit too much. Even with small changes, it will often rewrite an entire script or class, refactoring and fixing various elements along the way. This can be useful, but it also makes it harder to track what the code is doing, which is critical if you’re a developer using AI to write software.
The Final Product: A Secure, Open-Sourced OTP Tool
You can see the application in action here, and I’ve open-sourced the code on GitHub. o1-preview built most of the functionality for this app, while I provided the styling, testing, validation, and deployment.
What’s Next for AI-Assisted Development?
Despite OpenAI’s recent release of this impressive model, there are rumours of another on the horizon called “Orion”, which has supposedly been trained with data from o1-preview and is expected to be 100 times more powerful than GPT-4.
Given the leap in code quality between o1-preview and GPT-4, the next model from OpenAI is both exciting and slightly unnerving for developers like myself.
Before long, there won’t be many humans left who can write better code than an LLM, and certainly won’t be anyone who can do it nearly as quickly. A developer’s role will likely evolve from writing code to orchestrating code creation through an LLM. This shift is already beginning to happen.
I don’t believe this will result in developers losing their jobs. Instead, I think developers will accomplish far more in less time. Software will become more sophisticated and feature-rich, with less investment, all with the same team of developers.
