Overview

OpenOTP Token is a mobile authenticator application available on iOS and Android systems, provided by RCDevs. It offers second-factor authentication capabilities, including push notifications, eSignature, and badging features with the OpenOTP server.

How To Install OpenOTP Token

iOS devices

From your iOS device, open the App Store application, look for OpenOTP Token, and click on the download icon.


After installation, click on the application icon on your smartphone to open it.

Android devices

From your Android device, open the Google Play Store, look for OpenOTP Token, and click on the installation icon.


After installation, click on the application icon on your home screen to open it.

First Start of OpenOTP Token Application

When you run the application for the first time, you are prompted for authorizations required by the application.

The first authorization is to allow OpenOTP Token to access your location for Anti-Phishing protection. Press the Allow button to improve security.

The next authorization screen is for Notifications.


Notifications are used for Push Login requests, eSignature/PSD2 requests, auto-badging notifications, and push Token removal.


Authorizations are done for now. On the next screen, you will be able to set a password to protect the application. Enter your password twice, and the next time you open the Token application, the password will be required.


You are now on the application interface.


When you click on the camera icon, another authorization will be prompted to authorize the application to access the camera. The camera is used by OpenOTP Token to scan QR codes and enroll new tokens. Click the OK button.


Token Enrollment

With a QR Code

Through the WebADM Admin GUI or Self-Services, you can enroll a Token by scanning a QR Code.
When you have the QR Code on your screen, open the OpenOTP Token Application and click on the camera button. You can now scan the QR Code with your camera.


After scanning the QR Code with the application, a Token is now enrolled on your phone:


Your Token is ready to be used.

Manual Enrollment

The OpenOTP Token application also lets you enroll a Token manually. On the first application screen, click on the camera button. Then click on the + button at the bottom to enter manual token registration mode.


Now you have to define the following settings:

  • Account: This is your account name (e.g.: administrator).
  • Issuer: It's generally your company name.
  • Algorithm: You can choose the algorithm between SHA1, SHA256, or SHA512.
  • OTP Length: Either 6 or 8.
  • Key Format: The format in which the key is entered: Hexadecimal, Base32, or Base64.
  • Key: This is the secret key used for code generation.
  • Time-Based: Enable this setting if you want a time-based Token; if this setting is not enabled, the token will be event-based.

After completing the previous information, you can click on the Save button.


The same information must also be entered on the server side before this new token can be used.
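The manual settings above map onto the parameters of the OATH one-time-password algorithms. The following Python sketch is an added example, not RCDevs code: it assumes the token follows RFC 4226 (event-based) and RFC 6238 (time-based) with a 30-second time step, none of which is stated on this page, and shows how a mismatch in any setting between the app and the server yields different codes. The function names and sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

ALGORITHMS = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}

def decode_key(key, key_format):
    """Decode the 'Key' field according to the 'Key Format' setting."""
    key = key.strip().replace(" ", "")
    fmt = key_format.lower()
    if fmt == "hexadecimal":
        return bytes.fromhex(key)
    if fmt == "base32":
        key = key.upper()
        return base64.b32decode(key + "=" * (-len(key) % 8))
    if fmt == "base64":
        return base64.b64decode(key + "=" * (-len(key) % 4), validate=True)
    raise ValueError("unsupported key format: " + key_format)

def hotp(secret, counter, algorithm="SHA1", length=6):
    """Event-based code (RFC 4226) for one counter value."""
    if algorithm not in ALGORITHMS or length not in (6, 8):
        raise ValueError("unsupported algorithm or OTP length")
    digest = hmac.new(secret, struct.pack(">Q", counter), ALGORITHMS[algorithm]).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation: low nibble of the last byte
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** length).zfill(length)

def totp(secret, unix_time, algorithm="SHA1", length=6, step=30):
    """Time-based code (RFC 6238); step=30 is an assumption, not from the page."""
    return hotp(secret, int(unix_time) // step, algorithm, length)

def codes_agree(app, server, unix_time):
    """True if two settings dicts yield the same time-based code."""
    def code(s):
        secret = decode_key(s["key"], s["key_format"])
        return totp(secret, unix_time, s["algorithm"], s["length"])
    return code(app) == code(server)

if __name__ == "__main__":
    # Constructed sample: the RFC test secret, entered as Base32 in the app
    # and as Hexadecimal on the server.
    app = {"key": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ", "key_format": "Base32",
           "algorithm": "SHA1", "length": 8}
    server = {"key": "3132333435363738393031323334353637383930",
              "key_format": "Hexadecimal", "algorithm": "SHA1", "length": 8}
    print(codes_agree(app, server, 59))                            # identical settings
    print(codes_agree(app, dict(server, algorithm="SHA256"), 59))  # algorithm mismatch
```

Treat the key as a credential: anyone who holds it and the other settings can generate valid codes, so do not paste a production key into shared scripts or logs.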

Token Management

When you are on the Token list screen, you can click on the pencil icon on the top right. You are now in Edit mode.


Edit mode allows you to rename or remove your Token(s). If you click on the pencil icon next to a Token, you can rename the Token. I will give a short name to this one:


And click on the Save button:


Now, I can see in my Tokens list that my Token was successfully renamed.

We will now remove a Token through the OpenOTP Token application. Click on the pencil icon on the top right again to re-enter Edit mode. Select the Token you want to remove:


And click on the Delete button. You will be prompted to enter the passcode defined at the first start:


Enter your passcode and the Token will disappear from your Token list:


Application Settings

When you are in the OpenOTP Token application, some settings can be defined in the configuration menu:

  • Access lock-in: This is the time after which your password will be required to unlock the application.
  • Biometric protection: Instead of using a passcode to unlock the application, you can use the biometric functionality available on your phone (Touch ID or Face ID).
  • OTP by voice: The OTP code will be spoken.
  • Phishing protection: Phishing protection will use your location to prevent phishing attacks. If a phishing attack is suspected, the OpenOTP Token application will prompt you with a warning screen.

Application History and Logs

OpenOTP Token has a history feature that allows you to review authentication attempts. You can access it directly from the settings menu.


For troubleshooting purposes, you can access the application logs by navigating to the Settings menu and clicking five times on the Version number.