One-Time passcode: the advantages of HOTP/TOTP

One-Time passcode - HOTP-TOTP

We are happy to announce that Thinfinity Remote Desktop now supports 2FA natively in all its editions.
Thinfinity now counts with a built-in HTOP/TOTP server that enables you the advantage to add an extra layer of security to your projects using free and paid 3rd party Identity platforms.
Supported platforms:

    • Google Authenticator
    • DUO Mobile
    • Microsoft Authenticator
    • Okta Verify

Now you can enable an authentication experience to your environment that is accepted by all the most popular Cybersecurity frameworks.
To configure the One-Time passcode on Thinfinity Remote Desktop, you will have to add the authentication method on the tab “Authentication”, go to the tab “2FA”, and add the option “TOTP.”
One-Time passcode (HOTP/TOTP)
If you want to make the Second Factor Authentication compatible with Google Authenticator, check the “Google Authenticator Compatible” checkbox.
One-Time passcode (HOTP/TOTP)
You can also specify which authentication method you will use on the tab “Methods”:
One-Time passcode - HOTP-TOTP
You can also specify which authentication methods will use 2FA, using the “Enabled first-step authentication methods” :
One-Time passcode (HOTP/TOTP)
Click on ‘Apply’ after you finish configuring all available options.
Next time the user authenticates on the Thinfinity Login page, he will be prompted to scan a QR code for matching his user to a Second-step Code Generate App:
One-Time passcode - HOTP-TOTP
After matching the user with the Second-step Code Generate App, enter the verification code and click on ‘Continue’:
One-Time passcode - HOTP-TOTP
The next time the user authenticates, the QR code will be replaced by the following image:
One-Time passcode - HOTP-TOTP
If the user lost access to its Second-step Code Generate App and needs to be reset, this can be done from the Server Manager.
Click on the ‘Reset 2FA key for user’ , search for the username, and click ‘OK’:
One-Time passcode - HOTP-TOTP
One-Time passcode - HOTP-TOTP
If the user needs help remembering his username, it can be verified by using the ‘I don’t have access to my authentication device’ button.
One-Time passcode - HOTP-TOTP
If you have any questions regarding this blog entry, you can leave a comment below or send us an email at [email protected]
Cheers!

Comments (2)

Once you have your QR code you would also have the option to use the code to burn a programmable hardware token. You could either use an NFC programmable TOTP oath token (such as the SafeID/Diamond token), or you could use one of the FIDO keys that can also generate TOTP or HOTP 6 digit codes (in both cases the buring process will scan the QR code and transfer the seed data in the QR code to the hardware token/fido key).

Will this work with Authy?

Leave a comment

Privacy Preferences
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.