How to access the TOTP token for a credential

Prev Next

This document provides information on how to view and use the TOTP token of a credential for authentication. TOTP stands for Time-Based One-Time Password, a type of two-factor authentication (2FA) that adds a layer of protection to your access. On Segura® Platform, you can use this type of authentication directly on the credential.

Requirements

  • The credential must have a TOTP secret key configured.
    • For the TOTP feature to work properly, your secret key must be entered in upper case.
  • Permission to view passwords or start sessions. More information in PAM - Access Policies.

Access a TOTP authentication token

  1. On Segura® Platform, in the navigation bar, hover over the Products menu and select PAM Core.
  2. In the side menu, select Credentials > All credentials. A list of all credentials will be displayed.
  3. In the Actions column, click Details to open the Credential screen.
  4. In the credential details screen, you’ll find the Token OTP field in the Details section. This is your authentication token, which is renewed automatically every 30 seconds. Copy and paste this token into the page you want to log in to.
Info
  • The TOTP token can be used for manual authentication in scenarios where session automation isn’t possible.
  • You can accelerate the generation of the OTP Token using the refresh button, represented by the icon with two clockwise arrows. This way, you can accelerate the display of the next token when the old one is about to expire. Note that if the new token hasn’t yet been generated, the token update in the Token OTP field won’t occur.

Important considerations about automated access to social networks

When accessing social networks, it's important to note that you’ll face challenges related to the dynamics of the platforms. These challenges can impact your interaction with social networks when using the Segura® Platform’s TOTP automation and may include:

  • Frequent updates: social networks frequently change the structure and layout of their pages. These changes occur without warning and can prevent automation templates from working properly.
  • Dynamic security checks: social networks implement strict security measures. Checks such as location confirmation, CAPTCHAs, and other validations beyond the control of Segura® Platform are common. These checks can also vary from user to user and session to session. Because of this, security checks, such as Trust this browser, may be required with each new access.

In some cases, social networks implement security mechanisms against attacks and unauthorized access. If the password for a social network can't be changed automatically, access the social network through Segura® Platform to make sure you don't have to solve a CAPTCHA. If it's necessary, solve the CAPTCHA manually so that the automatic change works. We recommend that you don't change your password more than twice a day, as some social networks implement extra checks in these scenarios for security reasons.