Forum / Remote Desktop Manager - Feature Request

HowTo use Credentials with OTP from private Vault within a Entry of the public Database?

  • Create an Issue
  • Cancel

I want to add https-entries to our MS-SQL-Datasource. The entry itself is available for all RDM-users. Each user has it's own credentials and OTP for the https-site. I can remember a tutorial where each user added his personal creds to his private vault and has to use 'userspecific Settings' to force the use of his personal creds from private vault for the specific entry on the public datasource. This works fine for RDP-Connections.

Is it possible to combine this with OTP?

Usecase: a webportal with login-form where username, password and OTP is requested.

I could not manage to autofill all these 3 fields from credentials of my private vault.

Is this possible at all and how do I do this?

Clock3 mths

Hello,

Does the OTP is always the same information? As example, is it a client number like 123456?
If yes, it may be possible to send the information via the domain field, however, I would need to understand better where the OTP information's in stored.
Could you post some screenshots?

Also, is this a public URL? If yes, could you provide us the URL so that we can do some tests internally.

Best regards,



Jeff Dagenais

signaturesignature

Clock3 mths

Yes the OTP - token is a 6-digit number which is generated every 30 seconds out of a security-key. In RDM you can set up a 'credential'-entry of the type 'OTP' where you just insert the base security-key. Just like every 2-Factor-Authentication where you scan the original security-key with your OTP-Generator like Google-Authenticator.

The Url is a non-public WebUI-admin interface of a 'securepoint UTM' with the Login-Form-Fields 'user', 'password' and 'OTP'.

In the http/https-entry-settings I can provide 1 credential-entry to be used for auto-filling. But the major question for me is: How can I get username, password and OTP into one 'credential entry' ?

** yes 2FA with OTP is not meant to be stored aside with username and password but that is another question. **

Clock3 mths

Hello,

I will see if this can be achieved by setting up an environment to test this scenario.
Maybe that something could be done using the "Custom Fields" to store your Username and Password in your OTP credential entry.

I will notify you as soon as I have more information on that matter.

Best regards.



James Lafleur


signaturesignature

Clock3 mths

Hi,

I did some more testing on the scenario.

We can store individual Logins (username and password) in the 'personal credentials' (File -> my account preferences) and I can use them in public datasource entries via 'my personal creds'.
We can also also store individual Logins (username and password) in the 'private vault' (and set it to 'global available') and I can use them in public datasource entries via 'private vault search'.

The entry-type 'Web-Browser (http/https)' also has an option 'OTP Preferences' where I can select the source 'repository creds'. Here I am missing the option to choose an entry from a folder on connect like it is possible to choose from a 'password list' !

If we had a credential-type 'OTP list' like 'password list' my problem would be solved.

My wish is: User connects to the 'web-browser' entry and is asked for a username, password and OTP (which is different for each database user). The user picks the apropriate creds from either 'personal credentials' or 'private vault' pop-up and all three web-form fields are automatically filled.

Since 2 factor authentication is forced on more and more services it becomes a pain to find the correct token on the authenticator-app on the smartphone.

I was not successful using the "Custom Fields" upset

Clock2 mths

Hello,

I will contact our engineering department on that matter. This seems to be something that could be added as a feature request.
I will notify you as soon as I have more information on that topic.

Best regards,



James Lafleur


signaturesignature

Clock2 mths

Hello,

Just to make sure that we are on the same page, you would want a "Private Vault Search" in the following window?
OTP

Best regards,



James Lafleur


signaturesignature

OTP.jpg
Clock29 days

yes - exactly!

Clock29 days

Hello,

Great! In that case, I will move your demand to the feature request section of our forum.

For further reference, the ticket number is RDMW-1579

Best regards,



James Lafleur


signaturesignature

Clock29 days