Introduction
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single login session. OTPs are much more secure than static passwords as they are only valid for a short amount of time thus offering protection from replay attacks. Using an OTP means that you no longer have to worry about weak or guessable password composition habits. Also, OTPs greatly help mitigate risk in the case that you are sharing credentials on multiple accounts and systems. OTP uses AES-256-bit encryption in IT Glue.
Once you use a third-party authentication application to generate a secret key, you can safely store your new OTP code in IT Glue. The OTP code will be punctuated with spaces in the user interface but the spaces will be removed when pasting the code. The secret key is not available in the user interface as most users need to use the 6-digit code from IT Glue and not the secret key.
Prerequisites
Users with Read-Only or Lite roles must have access to the password to view and copy the OTP.
Users with Creator and above roles must have access to the password to view, copy, add, and delete the OTP.
Ensure your device time is synced with internet time. If your device times are not in sync, the OTP code will fail.
iOS devices: Navigate to Settings > General > Date & Time. Tap to toggle the Set Automatically switch to off. Wait a few seconds and toggle it back on.
Android devices: Tap Settings, enter Date and time in the Search Settings bar, and then open Date and Time settings. Tap to toggle the Automatic date and time switch to off. Wait a few seconds and toggle it back on.
Instructions
Important. For best results, please ensure the device you are documenting or viewing an OTP from has its time set automatically by your operating system. Or, reset your system clock to Network Time Protocol. The OTP generator is reliant on your local device's clock to produce the 6-digit string.
Creating OTPs for new passwords
General passwords
In IT Glue, navigate to Organization > Passwords. Click + New > Password.
Enter your secret key in the One-time Password field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long.
Note for Office 365 users:- In the prompts to set this up from Office 365, click the I want to use a different authenticator app link.- Then on the next page click on Can't scan image?This secret key generated is compatible with IT Glue.
Click Save.
Embedded passwords
Navigate to Organization > Configuration. In the Embedded Passwords section of the side panel, click Add Password. Complete the fields and click Add to save your new password.
Navigate back to Organization > Password and click to open the password you created in the last step. In the password show page, click Edit in the top-right corner.
Enter your secret key in the One-time Password field from any third-party authentication application that you used to create the OTP. The secret key must be at least 16 characters long and use Base32 formatting.
Click Save.
Note: You can only create, view, and edit an OTP for an embedded password in its show page. You will not be able to complete these actions directly in the Configuration side panel to which the embedded password belongs.
Viewing OTPs for existing passwords
Password list view
Navigate to Organization > Passwords. In the table, a check mark displayed in the OTP column indicates that OTP has been generated for that particular password.
Password view page
Navigate to Organization > Passwords. Open the password view page and click Show OTP to view the six-digit string as well as the remaining time of validity. Use the Copy to clipboard button to copy the OTP.
Note: Currently, the Copy to clipboard function will only work in the Safari browser if the Show OTP field is expanded.
Global Passwords page
Navigate to Global > Assets > Passwords. In the General tab, you can filter the OTP column to “Yes” to view all passwords that have OTP generated.
Search function
Launch the search function in IT Glue. Any password with OTP generated for it will display in the preview pane. You can also click Show OTP to view the six-digit string as well as the remaining time of validity directly in the preview pane.
IT Glue Mobile App
In the mobile app, you can view and copy the OTP generated for a password. Click the eye icon to view the six-digit string as well as the remaining time of validity. Click the eye icon again to hide the string and time bar.
IT Glue Chrome Extension
In the Chrome extension, you can view and copy the OTP generated for a password. Click Show OTP to view the six-digit string as well as the remaining time of validity. Use the Copy to clipboard button to copy the OTP without viewing it.
Exports
Exports will indicate if a password has had OTP initiated for them.
Editing existing OTPs
Edit password page
Navigate to Organization > Passwords and open the password record. You will not be able to view or edit the secret key. Click the Clear button to remove the secret key if you have a Creator or above role in IT Glue.
Password revision confirmation page
Once you click Save, an orange banner will appear providing a link to the last saved version of the password record. Click the link to action that version.