Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 2880 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Prefill password in Sophos VPN

Clothia C

Hi,

I have to enter a password in Sophos VPN. The first part is always the same and the second is changing every 30 seconds.

Can I prefill Sophos VPN with username and the first part of the password?

Cheers

Clothia



This thread was automatically locked due to age.
  • 0 in reply to apijnappels

    I open my SSL VPN client and press CTRL-ALT-A and it fills in the credentials. At the end it opens The Keepass entry for some strange reason.

    Plus I am rejected from Sophos login, because of wrong credentials.

    If I am adding the password (CTRL+C - CTRL+V) and use AuthPoint to get the 6 digits it works.

  • 0 in reply to Clothia C

    Try to add an autotype entry with the same settings but then for notepad application.

    You can then SEE what is being sent. If you don't want to show the password, then you can just leave out {password} but especially you will want to see {timeotp} and match if this is correct with what your authenticator app is generating.

    If they are different, then first check the time on both the firewall and the device with the authenticator app. Also if time is correct on both, then double check that you have actually a HEX secret and not maybe a Base32 Secret. If your secret only consists of A-Z in capitals and the numbers 2-7 then you should use BASE32 and not HEX. If you secret contains 0-9 and A-F characters then its Hex.

    See the Keepass website for more information on how to configure one or the other.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to Clothia C

    I can see the OTP on a new line, probably you have {USERNAME}{TAB}{PASSWORD}{ENTER}{TIMEOTP} still. You can manually adjust the order to {USERNAME}{TAB}PASSWORD}{TIMEOTP}{ENTER}

    Also you can check in notepad whether the 6-digit number is the same as the one from your authenticator device.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    I do have timeotp-enter and the number is not the same as from my authenticator device.

    Strange.

  • 0 in reply to Clothia C

    You'll most likely need to choose another field name (with a different source), see keepass.info/.../placeholders.html

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Unfiltered HTML