
Managing OTP Policies


TOTP (Time-based One-Time Password) is one of the supported two-factor authentication methods. It works together with a companion app installed on the user's mobile device.

Currently, the following mobile apps are supported for two-factor authentication processes:

Mobile App

  * Google Authenticator: Download for Android, Download for iOS

  * FreeOTP Authenticator: Download for Android, Download for iOS

How does OTP work?

The token generator hashes the current time together with a shared secret. The server validates a submitted OTP by comparing it to the hashes it computes for each time step within a certain window of time. TOTPs are only valid for a short window of time (defined by the OTP Token Period).

Configuring the OTP Policy of your organization

As an admin, you can configure the OTP policy, which is used for the validation of one-time passwords.

To configure the OTP policy, perform the following steps:

  1. Navigate to the Policies page.

  2. Click on the OTP tab.

  3. Click on the Edit OTP Policies button in the top right corner.

  4. A dialog will appear. Apply the desired changes and click on the Confirm button.

The new policy will be immediately applied.

OTP Policy Options

The following parameters can be defined to adjust the OTP policy:


OTP Type

The type of OTP. Currently, only Time-based OTP is supported.

OTP Hash Algorithm

The hashing algorithm which will be used to generate the OTP.

Number of Digits

The number of digits the OTP should have.

Look Ahead Window

Defines how far ahead the server should look in case the token generator and the server are out of sync.

OTP Token Period

Defines how many seconds an OTP token should be valid.
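
The validation described under "How does OTP work?", driven by the policy options above, as an added example (not the product's own code). It follows RFC 6238; the `POLICY` values, applying the look-ahead window on both sides of the current time step, and the `last_used_step` replay check are assumptions of this example.

```python
import hmac
import struct
from typing import Optional

# Assumed policy values; keys mirror the options listed above.
POLICY = {"algorithm": "sha1", "digits": 6, "period": 30, "look_ahead": 1}


def hotp(secret: bytes, counter: int, algorithm: str, digits: int) -> str:
    """RFC 4226: HMAC the 8-byte big-endian counter, then dynamically truncate."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algorithm).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte selects 4 bytes
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: float, policy: dict = POLICY) -> str:
    """RFC 6238: the counter is the number of whole periods since the Unix epoch."""
    step = int(now) // policy["period"]
    return hotp(secret, step, policy["algorithm"], policy["digits"])


def verify(secret: bytes, submitted: str, now: float, policy: dict = POLICY,
           last_used_step: int = -1) -> Optional[int]:
    """Return the time step that matched, or None if the code is rejected.

    Accepts the current step plus `look_ahead` steps on either side to absorb
    clock drift. Steps at or before `last_used_step` (hypothetical per-user
    state the caller stores) are refused, so a code cannot be replayed.
    """
    current = int(now) // policy["period"]
    window = policy["look_ahead"]
    matched = None
    for step in range(current - window, current + window + 1):
        expected = hotp(secret, step, policy["algorithm"], policy["digits"])
        # Constant-time compare on bytes; no early exit, so timing does not
        # reveal which step matched.
        same = hmac.compare_digest(expected.encode(), submitted.encode())
        if same and step > last_used_step:
            matched = step
    return matched
```

A larger look-ahead window or token period widens the set of codes the server accepts at any moment, so both trade drift tolerance against guessing and replay exposure.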
