OTP-Entry for M365 MFA Accounts - The application and account may not contain the ':' character.
Hello,
we use M365 MFA and manage our Admin OTPs with RDM.
This used to work like a charm in older versions of RDM (2022.2.22.0 64-Bit Enterprise, I think).
But after upgrading to 2022.2.26.0 (and also with latest version 2022.3.21.0) we are not able to edit existing entries nor add new ones.
The problem is the ":" in the account name, I think.
Sample AccountName:
Development GmbH:admin@development.onmicrosoft.com
Any suggestions how we can fix this, or can you probably confirm this is a bug which will be fixed in a future release?
Thank you for any suggestions/answers.
Hello,
Just to be sure I understand, was the ":" character accepted in the previous version before updating?
Best Regards,
Hi Zachary,
We have the same problem since the update; before this update the character was accepted, and it must be accepted because it is the default format for many OTP configurations...
Do you have any update on this?
Thanks,
Hello,
The library we use for generating OTPs and QRCodes does not support the colon character. It was causing issues for some of our users since they entered an application or account name containing ":" and it was failing.
Currently, for OTP entries that already contain these characters, they are internally replaced by the "_" character for resolving the OTP/QRCode. But as you've noticed when saving the entry we don't allow saving if there are ":" in those fields.
We have opened a ticket to find a different library that would support those characters, but for now this is the expected behavior.
Regards,
Hubert Mireault
Hello,
Is it not possible to automatically replace the character both internally and in the entry?
Or just interpret it internally and not show this error when editing the entry?
We have a lot of entries that we update regularly, and it is tedious to have to replace the characters on all of them...
Best regards,
Hello,
The information saved into your OTP entries can be edited and replaced using the "Edit (Special Actions)" -> "Custom PowerShell Command":
You would need to replace the "Replace_With_An_Account_Without_This_Symbol" value and then run the command:
$connection.Credentials.OTPQRCodeAccountName = "Replace_With_An_Account_Without_This_Symbol"; $RDM.Save();
To apply this change on multiple entries at once, simply select more than one entry and run the same command.
Best regards,
James Lafleur
OK, to reopen this issue: this is still a problem and a bit misleading, as the application and account name are not necessary to create a valid OTP, at least not for Office 365 - so why not ignore this restriction?
Hello,
Thank you for coming to us with this problem.
The issue was never closed; in fact, the engineering ticket linked to this forum is still open.
I will let our engineers know about your comments, however, and get back to you with news.
Best regards,
Any updates on this issue? We just upgraded from an older 2021.x.x to 2023.2.8.0 and found the same issue.
Hello,
According to the internal ticket regarding this for our developers, there's no update for this yet.
I will see if I can get an update from them regarding this.
Best regards,
Thanks. Please remind the dev team that we are paying customers and this was something that worked in previous versions.
Hello,
We will make sure to provide an update as soon as we have more information to share with the community.
Best regards,
James Lafleur
Hello,
We have made some changes that will be available starting with RDM 2023.3.16.0, which we are planning to release next week.
You will be able to save the "application" and "account" fields with the ":" character within them, just like before we added a restriction. The only thing to note is that the ":" will be replaced by "_" when it comes to generating the QR code, as the library we use doesn't support the ":" character in these fields. An appropriate warning will be written explaining this behavior in the OTP UI. The OTP code itself is not affected by these changes, only the QR code that RDM can generate.
Regards,
Hubert Mireault
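The behaviour described in the last post, as an added example that is not RDM's code or part of the original thread: in the common otpauth:// Key URI format the single ":" in the label separates the issuer from the account, so a ":" inside either field is replaced by "_" here, while the RFC 6238 code is computed from the secret and the time only. The application name "Microsoft" and the secret are constructed sample values; SHA-1, 6 digits and a 30-second step are assumed defaults.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, quote, urlencode, urlsplit


def totp(secret_b32: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): depends only on the secret and the time."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def sanitize(field: str) -> str:
    """Replace ':' with '_', the substitution the thread describes for QR generation."""
    return field.replace(":", "_")


def otpauth_uri(application: str, account: str, secret_b32: str) -> str:
    """Build a Key URI whose label contains exactly one ':' (issuer/account separator)."""
    label = quote(sanitize(application)) + ":" + quote(sanitize(account))
    query = urlencode({"secret": secret_b32, "issuer": sanitize(application)})
    return f"otpauth://totp/{label}?{query}"


def secret_from_uri(uri: str) -> str:
    """Read the secret back the way an authenticator app would after scanning the QR code."""
    return parse_qs(urlsplit(uri).query)["secret"][0]


# Constructed sample secret: the RFC 6238 test key, base32-encoded.
SECRET = base64.b32encode(b"12345678901234567890").decode()
ACCOUNT = "Development GmbH:admin@development.onmicrosoft.com"  # account name from the thread
APPLICATION = "Microsoft"  # hypothetical application name

if __name__ == "__main__":
    uri = otpauth_uri(APPLICATION, ACCOUNT, SECRET)
    print(uri)
    # Same code from the stored secret and from the secret carried in the URI.
    print(totp(SECRET, 59), totp(secret_from_uri(uri), 59))
```
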