Append OTP to Password in Credentials

Hello,

The behavior you describe should be able to work with the RSA SecurID credential. You can enter a username, a PIN (which is like a static password), and when the credential is resolving, it will prompt for a code. RDM then concatenates the PIN and the code. Let me know if this works in your scenario.

Regards,

@Hubert: Is that credential type available on OSX? I am not seeing it

I spoke with Ethan yesterday about possibly using variables to pass the OTP value to a concatenated string, but I am going to need some more help on that option if that is indeed possible...

I'm not sure if at the moment it would be possible to work with macros, as you would need to be prompted for a value (OTP) as part of the macro, and we currently don't have a way to achieve this. We already have a feature request ticket open for adding this functionality. Unless I'm forgetting an option, RSA SecurID would be the option (at least for RDM on Windows).
If you're curious about using a macro to achieve a specific workflow, in case you find the need, we have a help topic here: https://help.remotedesktopmanager.com/settings_events_autotypingmacro.html

As for the availability on OSX, it's possible that it's not yet available. I'll ask our OSX team leader to check.

Regards,

Hi bapillmore,

This credential is not yet supported in RDM Mac. I will raise the priority on the ticket and post back here when it is done.

Best regards,

Hi bapillmore,

RSASecurID will be available on RDM MAC in version 2020.2.6.0.

Best regards,

Hi All,


Was this delivered? I still do not see the RSA credential type.

I am only now looking into this again, so if the RDM platform has progressed and there is indeed a way to append an OTP to a static string and pass the concatenated value as a password, I would like some guidance on how to do that.

Thanks!

Hi,

If you are talking about RDM Mac, the RSA SecurID credential entry has been there since the version 2020.2.6.0:

It's only available on the Enterprise version though. Are you using the Free? We also have an opened ticket to allow linking OTP Credential entries to sessions so the OTP is appended to the password on launch. This has not been done yet though.

Best regards,

Hi Xavier,


Indeed I am on the free version :(

Do you happen to know when the OTP linking will be available?

Thanks!

Hi,

I do not have an ETA yet for this. It's definitely not in the next release since it's already being tested for release. I'll rise the priority of the ticket and I'll post back in this ticket once it is available. We'll try to have it into 2021.1.8.0.

Best regards,

Thanks, Xavier - and I am guessing the Free version will not see this or the RSA credential added?

Since the OTP entry is available in RDM Free, the linking will also be available in the Free.

ok cool - so as long as I have my RSA key set up as an OTP, this should solve my issue?

Yep. That's pretty much why we're adding this. This seems to be quite an in demand feature. Just to be sure, you've confirmed that the OTP entry itself works properly for you?

It works perfectly - just need the ability to append it in a given session so I can stop clicking the little "copy to clipboard" button and have one-click access to my connections that require a UN, Password+Token :D

Hi D_LETE,

In RDM 2021.1.10.0 (only Mac for now), it's now possible to link an OTP entry to a session and configure it to append the one-time password to the session password on launch:
Best regards,

@Xavier

That works amazingly well - thanks!

This is literally perfect.

I'm very glad to hear it!

Do not hesitate if you have any other suggestions or issues.

Best regards,

Is there a supported way to add separating character between the password and the OTP?
like comma (,) between the password and the otp. P@ssw0rd,123456
Prepend to the password currently doesn't. P@ssw0rd123456

Hi,

This is not possible at the moment.

I'm curious about the use case for this, you have a server/services that expects its authenticating password to contains the password and the one time password separated by a coma (,)? Could you elaborate on this particular case?

Best regards,

My particular case is with DUO MFA and RADIUS clients that do not support the MFA prompt.
For example, Cisco ASA configured with DUO as the only one factor of authentication or RDS Gateway which can only use one field for password.

DUO's solution to this cases is to type the password then comma and then the otp token all in the password field.

Alright, I will open a feature request to allow a separator string between the password and OTP.

Best regards,

Ah! And just to confirm, are you using the Windows, macOS or Linux version of RDM?

windows version

Hello,

This should be available on the latest version of RDM Windows. Let us know if this works for you.

Regards,