One-time password authentication system and authentication method used for B/S (Browser/Server) network structure

The invention relates to a one-time password (OTP) authentication system and authentication method used for a B/S (Browser/Server) network structure. The authentication system comprises a hardware token, an initializing tool, a client system, a management system and au authentication server. The initializing tool completes the initialization flow of the hardware token; the hardware token provides an OTP required by authentication for a user; the user inputs the OTP into the client system, and the client system sends the OTP to the authentication server; the authentication server completes the authentication process and returns the result back to the client system, and the client system finally feeds back the result to the user; the management system completes system management and maintenance and sends a management operation request to the authentication server and a client server as specified; and the authentication server and the client server receive the request, complete the operation and return the operation result. The authentication method comprises system initialization, login authentication and system management and comprises eight specific steps. User authentication and system management can be completed by the browser page mode, so that the invention has the advantages of convenient use, easy maintenance, practical value and broad application prospects.