This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Provide OTP One-Time Passwords in advance for users without access to Sophos Authenticator

We're enabling OTP for VPN access, and there's a group of user who either don't have access to Google / Sophos Authenticator or refuse to use it for - reasons. It seemed that I could go into their token properties, click the plus button and get some codes new codes to give to the user in advance. However these codes timeout just like the normal code does that you'd get with the Authenticator app.

Is there a way to generate a code that doesn't expire but can only be used once? This may work for users who only VPN in on occasion.

Thanks!

This thread was automatically locked due to age.

Top Replies

Hayim Caspy over 2 years ago +2 verified

The whole idea in otp is that it changes.. Check the time/timezone in the mobile phone and the xg to see if all is correct. make sure you use ntp in the time sync in the xg. and last, you have chrome addon…

Parents

+1 Hayim Caspy over 2 years ago

The whole idea in otp is that it changes.. Check the time/timezone in the mobile phone and the xg to see if all is correct. make sure you use ntp in the time sync in the xg. and last, you have chrome addon for otp. if they have a computer, they can use it...
Cancel
Vote Up +2 Vote Down

Cancel

Reply

+1 Hayim Caspy over 2 years ago

The whole idea in otp is that it changes.. Check the time/timezone in the mobile phone and the xg to see if all is correct. make sure you use ntp in the time sync in the xg. and last, you have chrome addon for otp. if they have a computer, they can use it...
Cancel
Vote Up +2 Vote Down

Cancel

Children

+1 LuCar Toni over 2 years ago in reply to Hayim Caspy

You could also get your hands on hardware OTP tokens. There are plenty TOTP tokens out there, which you can use.

__________________________________________________________________________________________________________________
Cancel
Vote Up +2 Vote Down

Cancel
0 Moltron5k over 2 years ago in reply to Hayim Caspy

I understand they should change. I thought by clicking the add button in the XG page, that I could get something like what Google offers - backup codes to use. https://support.google.com/accounts/answer/185839?hl=en&co=GENIE.Platform%3DDesktop#zippy=%2Cuse-backup-codes . Didn't realize there was a chrome addon, thanks I'll look into that.
Cancel
Vote Up 0 Vote Down

Cancel
0 Moltron5k over 2 years ago in reply to LuCar Toni

Thanks, I'm not real familiar with TOTP tokens -- yet. We're jumping into MFA next year but for now just looking to secure the VPN connections. Looks like amazon has a few options for TOTP, so we'll look into those options for the few users that don't have smartphones.
Cancel
Vote Up 0 Vote Down

Cancel