Enter credentials in form but don't submit them
Many of our devices are 2FA. The 2FA method is appended into the password.
So I would login as such:
user
password<otp>
Users have private vault entries containing "user" and "password". We want the prompt for the session to pop-up and fill in both username and password but not actually submit it, so we can append the OTP to the end and submit it.
I don't think I see a way to do it today, can we get a feature request in for this?
All Comments (3)
Hello,
What kind of entries are you using, both for storing your credentials and for connecting to remote machines?
If you're currently using Username/Password type credentials, I could suggest using the RSA SecurID type. The way it works, the PIN you enter acts as a 'password', and when you use this credential, it will prompt you for a code that will be appended at the end of the PIN. Perhaps this could work for you, since you can store the password in the PIN field, and then add the OTP when connecting.
If you're using Webbrowser entries, it's also possible to disable the "auto submit" in the login tab. For other connection types, it's not really possible to postpone the login process and append another value.
Let me know what you think of those options, otherwise we would be happy to look into other solutions or a feature request for you.
Regards,
Hubert Mireault
Boom, RSA SecurID worked perfectly.
It may make sense to rename this to something a big more generic since the model of "append to the end of password" is used by many auth mechanisms. Specifically I'm using it with yubikey in this case.
Thanks so much!
Glad this works for you!
At the time of adding the credential, we didn't find a better name but we'll keep this in mind, as indeed it would be clearer for our users what RDM is capable of. 🙂
Regards,
Hubert Mireault