This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

After enabling OTP, user not able to logs into the User Portal for the first time, no QR code available in Sophos UTM 9

Existing user can login to user portal (https://xxxx) when OTP is disabled. But as soon as I enabled One Time Password from "Definitions & Users" the user not able to login to portal.

Error is "Invalid username/password, or access denied by policy". Created new users also , added to OTP User Group, selected "Auto-create OTP tokens for users". But when logging for the first time, no QR code is available.



This thread was automatically locked due to age.
  • FYI, we use local sophos users (no external AD used) and we can log in to the user portal without any problems.
    After I've activated OTP, with "All users must use one-time passwords" and "Auto-create OTP tokens for users" checked, not able to login. 

    If I disable OTP the login works again just fine.


    Any help would be greatly appreciated.

  • Go to Authentication Services / One-time Password / OTP Tokens

    Scan the bar code for user using Google Authenticator app

    Then logon to portal with username and password plus code generated from Google Authenticator

     

    That's it

  • Many more thanks Patrick for your response.

    I can manually add the OTP Token and can get bar code from "Show Token QR Code" of that user. and scan from Google/ Sophos Authenticator.

    My issue is , after I create any user, he/she should get QR Code in his/her first login, which is not coming.

  • Hi Patrick,

    Users are not available to Webadmin team, as working from separate Geo-Location. So how User can scan QR code from Webadmin portal, if QR code is not available during the initial login at User portal.

  • I suggest you open the online help and make sure all the settings and note indicating everything is correct.  I just test and mine is working as expected.

    I created a new user account and login via the user portal and it popup with the bar code token.

     

    Good Luck

  • Navigate to

    Management... User Portal....   "Advanced" Tab

    "Disable Portal Items" section

    Remove the check from "OTP Tokens"

    Click [Apply]

  • Hi Douglas,

    Thanks for the response. This solution was also quite logical, but not working.

    I have Disabled "OTP Token" and re-enable from "User Portal" --> Advance Tab.

    Then I create a new User and check from user portal, but user-portal did not through QR code automatically for new user.

    I restarted the Sophos UTM Server, and retried user portal, no QR code came Automatically.

    Additionally I have disabled "One-time password service status" from "Authentication Services" and Enabled the same. Still no improvement.