Passwordstate One-Time Password Authenticator

A One-Time Password (OTP) is a password that is valid for only one login session or access transaction. OTPs, used as part of 2FA (Two-Factor Authentication), offer an advantage in that they’re not vulnerable to replay attacks. This means a potential intruder, who manages to record an OTP already used, will not be able to abuse it as it’s no longer valid.

Passwordstate utilizes the TOTP standard, where time is an important part of the password algorithm in addition to the Issuer and Secret keys.

Setup One-Time Password Authenticator

First, I’ve created a Shared Password List based on the One-Time Password Authenticator template by right clicking on a folder, in this case our Windows Team, and progressing through the Add Shared Password List Wizard


Next, I’ve created a Password Record for logging into Gmail for one of our staff members,


You’ll note, that by using the One-Time Password Authenticator template, the highlighted section above is automatically added to the Password Record. In the event that you want to add the One-Time Password Authenticator to an existing record, in an existing Password List, simply go to that Password List, click on List Administrator Actions… and select Edit Password List Properties,


Then under Password List Settings, click on Enable One-Time Password Generation, and click Save & Close


Now you can configure the One-Time Password Authenticator. You can do this via either a QR code provided by your Issuer, or by entering the Issuer details manually. To enter a QR Code simply click on the icon of a QR code and either browse to the location of your QR Code by clicking on the select button, or, drag the QR Code over the Drop Image Here


Alternatively, you can add the details manually. To do this you must provide both the Issuer and Secret as provided by your Issuer. Make sure to cut and paste the Issuer and Secret into the correct fields;


You’ll notice that every time you now access that Password Record a new One-Time Password is generated for you, and refreshed based on your Valid Period (specified in seconds).


That’s all there is to it! As always, your feedback is welcome via
support@clickstudios.com.au.

Speak Your Mind

*