Ask the Community
Groups
Generating One-Time Passwords (OTP) - Connect IT Community | Kaseya
<main> <article class="userContent"> <p>Introduction</p> <p>A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single login session. OTPs are much more secure than static passwords as they are only valid for a short amount of time thus offering protection from replay attacks. Using an OTP means that you no longer have to worry about weak or guessable password composition habits. Also, OTPs greatly help mitigate risk in the case that you are sharing credentials on multiple accounts and systems.</p> <p>Once you use a third-party authentication application to generate a secret key, you can safely store your new OTP code in MyGlue. The OTP code will be punctuated with spaces in the user interface but the spaces will be removed when pasting the code.</p> <p>Prerequisites</p> <ul><li>Users with Read-Only or Lite roles must have access to the password to view and copy the OTP.</li> <li>Users with Creator and above roles must have access to the password to view, copy, add, and delete the OTP.</li> </ul><p>Instructions</p> <h3 data-id="creating-otps-for-new-passwords">Creating OTPs for new passwords</h3> <p><strong><em>General passwords</em></strong></p> <ol><li>In MyGlue, navigate to <strong>Organization > Passwords</strong>. Click <strong>+ New > Password</strong>. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/AAK8FB7P1YC3/screen-shot-2020-07-13-at-7-14-35-pm.png" alt="Screen_Shot_2020-07-13_at_7_14_35_PM.png" width="475" height="115" class="embedImage-img importedEmbed-img"></img></p> </li> <li>Enter your secret key in the <strong>One-time Password</strong> field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/EC5GLWE2LODV/create-password-myglue.png" alt="Create_Password___MyGlue.png" width="474" height="435" class="embedImage-img importedEmbed-img"></img></p> </li> <li>Click <strong>Save</strong>.</li> </ol><p><strong><em>Embedded passwords</em></strong></p> <ol><li>Navigate to <strong>Organization > Configuration</strong>. In the <strong>Embedded Passwords</strong> section of the side panel, click <strong>Add Password</strong>. Complete the fields and click <strong>Add</strong> to save your new password. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/UVEJ7S0RY5SM/1config-it-glue.png" alt="1config___IT_Glue.png" width="474" height="546" class="embedImage-img importedEmbed-img"></img></p> </li> <li>Navigate back to <strong>Organization > Password</strong> and click to open the password you created in the last step. In the password show page, click <strong>Edit</strong> in the top-right corner. <ul><li>You can also click the embedded password link in the Configuration side panel to access the password's show page. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/0WDRWNSD1V2S/device-1-it-glue.png" alt="Device_1___IT_Glue.png" width="326" height="124" class="embedImage-img importedEmbed-img"></img></p> </li> </ul></li> <li>Enter your secret key in the <strong>One-time Password</strong> field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long and use Base32 formatting.</li> <li>Click <strong>Save</strong>. <div> <strong>Note:</strong> You can only create, view, and edit an OTP for an embedded password in its show page. You will <strong>not</strong> be able to complete these actions directly in the Configuration side panel of which the embedded password belongs to.</div> </li> </ol><h3 data-id="viewing-otps-for-existing-passwords">Viewing OTPs for existing passwords</h3> <p><strong><em>Password list view</em></strong></p> <p>Navigate to <strong>Organization > Passwords</strong>. In the table, a check mark displayed in the <strong>OTP </strong>column indicates that OTP has been generated for that particular password.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/CN6AV6NV2EQU/passwords-myglue.png" alt="Passwords___MyGlue.png" width="512" height="139" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Password view page</em></strong></p> <p>Navigate to <strong>Organization > Passwords</strong>. Open the password view page and click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity. Use the <strong>Copy to clipboard</strong> button to copy the OTP.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/G3DQ9UK13B9D/skitch-background-google-docs.png" alt="Skitch_Background_-_Google_Docs.png" width="511" height="389" class="embedImage-img importedEmbed-img"></img></p> <div> <strong>Note: </strong>Currently, the Copy to Clipboard function will only work in the Safari browser if the <strong>Show OTP field</strong> is expanded.</div> <p><strong><em>Search function</em></strong></p> <p>Launch the <a href="https://kaseya.vanillacommunities.com/kb/articles/aliases/myglue/hc/en-us/articles/360004949597" rel="noopener nofollow">search</a> function in MyGlue. Any password with OTP generated for it will display in the preview pane. You can also click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity directly in the preview pane.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/H7D1Q4FI1SZK/skitch-background-google-docs-2.png" alt="Skitch_Background_-_Google_Docs-2.png" width="514" height="298" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>MyGlue Mobile App</em></strong></p> <p>In the mobile app, you can view and copy the OTP generated for a password. Click the eye icon to view the six-digit string as well as the remaining time of validity. Click the eye icon again to hide the string and time bar.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/YR4CFUOOUZF4/generating-one-time-passwords-myg-kb-draft-google-docs-2.png" alt="Generating_One-Time_Passwords__MyG_KB__-_DRAFT_-_Google_Docs-2.png" width="513" height="394" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>MyGlue Chrome Extension</em></strong></p> <p>In the Chrome extension, you can view and copy the OTP generated for a password. Click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity. Use the <strong>Copy to Clipboard</strong> buttons to copy the OTP without viewing it.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/C9YWECTXQXFZ/skitch-background-google-docs-4.png" alt="Skitch_Background_-_Google_Docs-4.png" width="513" height="410" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Exports</em></strong></p> <p>Exports will indicate if a password has had OTP initiated for them.</p> <h3 data-id="editing-existing-otps">Editing existing OTPs</h3> <p><strong><em>Edit password page</em></strong></p> <p>Navigate to <strong>Organization > Passwords </strong>and open the password record. You will not be able to view or edit the secret key. Click the <strong>Clear</strong> button to remove the secret key if you have a Creator or above role in MyGlue.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/Y28J6HSECDKE/edit-password-it-glue.png" alt="Edit_Password___IT_Glue.png" width="517" height="68" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Password revision confirmation page</em></strong></p> <p>Once you click <strong>Save</strong>, an orange banner will appear providing a link to the last saved version of the password record. Click the link to action that version.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/RQ7090MBRB50/totp-final-designs-pptx-6-2.png" alt="TOTP_-_Final_Designs_pptx-6-2.png" width="520" height="49" class="embedImage-img importedEmbed-img"></img></p> </article> </main>