Generating One-Time Passwords (OTP)

Introduction

A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single login session. OTPs are much more secure than static passwords as they are only valid for a short amount of time thus offering protection from replay attacks. Using an OTP means that you no longer have to worry about weak or guessable password composition habits. Also, OTPs greatly help mitigate risk in the case that you are sharing credentials on multiple accounts and systems.

Once you use a third-party authentication application to generate a secret key, you can safely store your new OTP code in IT Glue. The OTP code will be punctuated with spaces in the user interface but the spaces will be removed when pasting the code.

Prerequisites

  • Users with Read-Only or Lite roles must have access to the password to view and copy the OTP.
  • Users with Creator and above roles must have access to the password to view, copy, add, and delete the OTP.
  • Ensure your device time is synced with internet time. If your device times are not in sync, the OTP code will fail.
    • iOS devices: Navigate to Settings > General > Date & Time. Tap to toggle the Set Automatically switch to off. Wait a few seconds and toggle it back on.
    • Android devices: Tap Settings, enter Date and time in the Search Settings bar, and then open Date and Time settings. Tap to toggle the Automatic date and time switch to off. Wait a few seconds and toggle it back on.

Instructions

Important. For best results, please ensure the device you are documenting or viewing an OTP from has its time set automatically by your operating system. Or, reset your system clock to Network Time Protocol. The OTP generator is reliant on your local device's clock to produce the 6-digit string. 

Creating OTPs for new passwords

General passwords

  1. In IT Glue, navigate to Organization > Passwords. Click + New > Password.


    Passwords___IT_Glue.png

  2. Enter your secret key in the One-time Password field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long.


    Create_Password___IT_Glue.png

    Note for Office 365 users:
    - In the prompts to set this up from Office 365, click the I want to use a different authenticator app link.
    - Then on the next page click on Can't scan image?.
    This secret key generated is compatible with IT Glue.

  3. Click Save.

Embedded passwords

  1. Navigate to Organization > Configuration. In the Embedded Passwords section of the side panel, click Add Password. Complete the fields and click Add to save your new password.


    Device_2___IT_Glue.png

  2. Navigate back to Organization > Password and click to open the password you created in the last step. In the password show page, click Edit in the top-right corner.
    • You can also click the embedded password link in the Configuration side panel to access the password's show page.


      Device_1___IT_Glue.png

  3. Enter your secret key in the One-time Password field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long and use Base32 formatting.
  4. Click Save.
    Note: You can only create, view, and edit an OTP for an embedded password in its show page. You will not be able to complete these actions directly in the Configuration side panel of which the embedded password belongs to.

Viewing OTPs for existing passwords

Password list view

Navigate to Organization > Passwords. In the table, a check mark displayed in the OTP column indicates that OTP has been generated for that particular password.

Passwords___IT_Glue-2.png

Password view page

Navigate to Organization > Passwords. Open the password view page and click Show OTP to view the six-digit string as well as the remaining time of validity. Use the Copy to clipboard button to copy the OTP.

Skitch_Background_-_Google_Docs-3.png

Note: Currently, the Copy to clipboard function will only work in the Safari browser if the Show OTP field is expanded.

Global Passwords page

Navigate to Global > Assets > Passwords. In the General tab, you can filter the OTP column to “Yes” to view all passwords that have OTP generated.

Screen_Shot_2020-07-13_at_3_23_38_PM.png

Search function

Launch the search function in IT Glue. Any password with OTP generated for it will display in the preview pane. You can also click Show OTP to view the six-digit string as well as the remaining time of validity directly in the preview pane.

Skitch_Background_-_Google_Docs-4.png

IT Glue Mobile App

In the mobile app, you can view and copy the OTP generated for a password. Click the eye icon to view the six-digit string as well as the remaining time of validity. Click the eye icon again to hide the string and time bar.

Skitch_Background_-_Google_Docs.png

IT Glue Chrome Extension

In the Chrome extension, you can view and copy the OTP generated for a password. Click Show OTP to view the six-digit string as well as the remaining time of validity. Use the Copy to clipboard button to copy the OTP without viewing it.

Skitch_Background_-_Google_Docs-27585.png

Exports

Exports will indicate if a password has had OTP initiated for them.

Editing existing OTPs

Edit password page

Navigate to Organization > Passwords and open the password record. You will not be able to view or edit the secret key. Click the Clear button to remove the secret key if you have a Creator or above role in IT Glue.

Edit_Password___IT_Glue.png

Password revision confirmation page

Once you click Save, an orange banner will appear providing a link to the last saved version of the password record. Click the link to action that version.

TOTP_-_Final_Designs_pptx-6-2.png

Was this article helpful?
1 out of 8 found this helpful
Have more questions? Contact us