Ask the Community
Groups
Generating One-Time Passwords (OTP) - Connect IT Community | Kaseya
<main> <article class="userContent"> <p>Introduction</p> <p>A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single login session. OTPs are much more secure than static passwords as they are only valid for a short amount of time thus offering protection from replay attacks. Using an OTP means that you no longer have to worry about weak or guessable password composition habits. Also, OTPs greatly help mitigate risk in the case that you are sharing credentials on multiple accounts and systems.</p> <p>Once you use a third-party authentication application to generate a secret key, you can safely store your new OTP code in IT Glue. The OTP code will be punctuated with spaces in the user interface but the spaces will be removed when pasting the code.</p> <p>Prerequisites</p> <ul><li>Users with Read-Only or Lite roles must have access to the password to view and copy the OTP.</li> <li>Users with Creator and above roles must have access to the password to view, copy, add, and delete the OTP.</li> <li>Ensure your device time is synced with internet time. If your device times are not in sync, the OTP code will fail. <ul><li> <strong>iOS devices:</strong> Navigate to <strong>Settings > General > Date & Time</strong>. Tap to toggle the <strong>Set Automatically</strong> switch to off. Wait a few seconds and toggle it back on.</li> <li> <strong>Android devices:</strong> Tap <strong>Settings</strong>, enter <em>Date and time</em> in the <strong>Search Settings</strong> bar, and then open <strong>Date and Time settings</strong>. Tap to toggle the <strong>Automatic date and time</strong> switch to off. Wait a few seconds and toggle it back on.</li> </ul></li> </ul><p>Instructions</p> <div> <p><strong>Important. </strong>For best results, please ensure the device you are documenting or viewing an OTP from has its time set automatically by your operating system. Or, reset your system clock to Network Time Protocol. The OTP generator is reliant on your local device's clock to produce the 6-digit string. </p> </div> <h3 data-id="creating-otps-for-new-passwords">Creating OTPs for new passwords</h3> <p><strong><em>General passwords</em></strong></p> <ol><li>In IT Glue, navigate to <strong>Organization > Passwords</strong>. Click <strong>+ New > Password</strong>. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/IMJUNA50BS7L/passwords-it-glue.png" alt="Passwords___IT_Glue.png" width="474" height="228" class="embedImage-img importedEmbed-img"></img></p> </li> <li>Enter your secret key in the <strong>One-time Password</strong> field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/AWCH4E5AJFBR/create-password-it-glue.png" alt="Create_Password___IT_Glue.png" width="474" height="490" class="embedImage-img importedEmbed-img"></img></p> <div> <p><strong>Note for Office 365 users:</strong> <br>- In the prompts to set this up from Office 365, click the <strong>I want to use a different authenticator app</strong> link. <br>- Then on the next page click on <strong>Can't scan image?</strong>. <br>This secret key generated is compatible with IT Glue.</p> </div> </li> <li>Click <strong>Save</strong>.</li> </ol><p><strong><em>Embedded passwords</em></strong></p> <ol><li>Navigate to <strong>Organization > Configuration</strong>. In the <strong>Embedded Passwords</strong> section of the side panel, click <strong>Add Password</strong>. Complete the fields and click <strong>Add</strong> to save your new password. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/IOQTQOL8EPNP/device-2-it-glue.png" alt="Device_2___IT_Glue.png" width="473" height="568" class="embedImage-img importedEmbed-img"></img></p> </li> <li>Navigate back to <strong>Organization > Password</strong> and click to open the password you created in the last step. In the password show page, click <strong>Edit</strong> in the top-right corner. <ul><li>You can also click the embedded password link in the Configuration side panel to access the password's show page. <p><br><img src="https://us.v-cdn.net/6032361/uploads/migrated/20C5JQRZDB5Z/device-1-it-glue.png" alt="Device_1___IT_Glue.png" width="326" height="124" class="embedImage-img importedEmbed-img"></img></p> </li> </ul></li> <li>Enter your secret key in the <strong>One-time Password</strong> field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long and use Base32 formatting.</li> <li>Click <strong>Save</strong>. <div> <strong>Note:</strong> You can only create, view, and edit an OTP for an embedded password in its show page. You will <strong>not</strong> be able to complete these actions directly in the Configuration side panel of which the embedded password belongs to.</div> </li> </ol><h3 data-id="viewing-otps-for-existing-passwords">Viewing OTPs for existing passwords</h3> <p><strong><em>Password list view</em></strong></p> <p>Navigate to <strong>Organization > Passwords</strong>. In the table, a check mark displayed in the <strong>OTP </strong>column indicates that OTP has been generated for that particular password.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/2JHQI3DH3TH5/passwords-it-glue-2.png" alt="Passwords___IT_Glue-2.png" width="512" height="245" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Password view page</em></strong></p> <p>Navigate to <strong>Organization > Passwords</strong>. Open the password view page and click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity. Use the <strong>Copy to clipboard</strong> button to copy the OTP.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/QPMS8MUJ60N9/skitch-background-google-docs-3.png" alt="Skitch_Background_-_Google_Docs-3.png" width="512" height="390" class="embedImage-img importedEmbed-img"></img></p> <div> <strong>Note: </strong>Currently, the Copy to clipboard function will only work in the Safari browser if the <strong>Show OTP field</strong> is expanded.</div> <p><strong><em>Global Passwords page</em></strong></p> <p>Navigate to <strong>Global > Assets > Passwords</strong>. In the <strong>General</strong> tab, you can filter the <strong>OTP</strong> column to “Yes” to view all passwords that have OTP generated.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/B4YA1659VQK5/screen-shot-2020-07-13-at-3-23-38-pm.png" alt="Screen_Shot_2020-07-13_at_3_23_38_PM.png" width="513" height="197" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Search function</em></strong></p> <p>Launch the <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fkaseya.vanillacommunities.com%2Fkb%2Farticles%2Faliases%2Fitglue%2Fhc%2Fen-us%2Farticles%2F360004936277-Search" rel="noopener nofollow">search</a> function in IT Glue. Any password with OTP generated for it will display in the preview pane. You can also click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity directly in the preview pane.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/4JFBADXF7BD5/skitch-background-google-docs-4.png" alt="Skitch_Background_-_Google_Docs-4.png" width="513" height="398" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>IT Glue Mobile App</em></strong></p> <p>In the mobile app, you can view and copy the OTP generated for a password. Click the eye icon to view the six-digit string as well as the remaining time of validity. Click the eye icon again to hide the string and time bar.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/3SK9IRHG3AIB/skitch-background-google-docs.png" alt="Skitch_Background_-_Google_Docs.png" width="513" height="451" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>IT Glue Chrome Extension</em></strong></p> <p>In the Chrome extension, you can view and copy the OTP generated for a password. Click <strong>Show OTP</strong> to view the six-digit string as well as the remaining time of validity. Use the <strong>Copy to clipboard</strong> button to copy the OTP without viewing it.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/W71CQ1DJEGXX/skitch-background-google-docs-27585.png" alt="Skitch_Background_-_Google_Docs-27585.png" width="513" height="409" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Exports</em></strong></p> <p>Exports will indicate if a password has had OTP initiated for them.</p> <h3 data-id="editing-existing-otps">Editing existing OTPs</h3> <p><strong><em>Edit password page</em></strong></p> <p>Navigate to <strong>Organization > Passwords </strong>and open the password record. You will not be able to view or edit the secret key. Click the <strong>Clear</strong> button to remove the secret key if you have a Creator or above role in IT Glue.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/PKP1K1FRPA8Y/edit-password-it-glue.png" alt="Edit_Password___IT_Glue.png" width="510" height="67" class="embedImage-img importedEmbed-img"></img></p> <p><strong><em>Password revision confirmation page</em></strong></p> <p>Once you click <strong>Save</strong>, an orange banner will appear providing a link to the last saved version of the password record. Click the link to action that version.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/NZKCHO6V5A8E/totp-final-designs-pptx-6-2.png" alt="TOTP_-_Final_Designs_pptx-6-2.png" width="509" height="48" class="embedImage-img importedEmbed-img"></img></p> </article> </main>