Skip to content



Time -based one -time password algorithm(English:Time-based One-Time Password,Abbreviation:Totp)It is an algorithm based on the one -time password based on the pre -shared key and the current time。It has been accepted by the Internet engineering task group as RFC 6238 Standard [1],Become active open certification(OATH)Cornerstone,It is also used in many important provenial verification systems。

TOTPIt is a latency authentication code(HMAC)One of them。It combines a private key and the current timestamp,Use a password scale to generate a disposable password。Different network delay and clock may cause password receivers to try to encounter the correct time to verify multiple times,Time stamp usually takes 30 seconds as the interval,To avoid repeated attempts。

In specific multiple factors verification applications,User verification steps are as follows:A user enters the user name and password on the website or other server,Totp using a local smartphone or other devices to generate a disposable password and submit it to the server,And enter the one -time password to the server at the same time。The server runs TOTP and verifies the input disposable password。to this end,The clock in the user equipment and the server must be roughly synchronized(The server generally accepts client time-1 range(That is, delayed for 30 seconds)Disposable password generated by the time stamp)。Before,The server and the user's device must share a key through a safe channel,Used to all the authentication sessions later。If you need to execute more steps,Users can also use TOTP to verify the server。

Configuration guide#

Enter through the menu bar on the left【Plug -in management】->【Practitioner plug -in management】,Find the OTP authentication factor plug -in card in the plug -in lease page,Click to rent

Enter through the menu bar on the left【Certification management】-> 【Authentication】,Click to create button,Type selection"OTP",Fill in related information,The configuration is completed



Each time a new OTP identity authentication device will cover existing



You need to install client software such as Google Authenticator or Microsoft Authenticator or Freeotp, After scanning,Enter OTP code, Click to confirm




Login process#



If the operation is not timely, OTP code may expire,Just enter the new OTP code