Using TOTP as a MFA Token

MFA Prompt is shown to the end user

A user who has configured TOTP or Smartcard authentication can use either option upon request. when an MFA prompt appears, a user can use their smartcard at the screen the left or click, "Use authenticator app" to use TOTP.

MFA Prompt asking user to enter 6 digit code

The prompt will change and ask the user to enter the current code for their TOTP pair.


Setup Smartcard Support for Card Readers and Cards

  1. Download and install OpenSC, an open source utility for cards and card readers. 
  2. Launch the Smartcrypt agent and login. The user will receive a prompt requiring the smartcard to be entered.
  3. Once Smartcard is present, the PIN code for the Smartcard will be required
  4. The Smartcrypt Icon in the System Tray will update when the card was accepted and remains plugged in


Manage and Setup Support for TOTP



Smartcrypt top menu icon is clicked

To add a TOTP authenticator, click the system tray and select My Account

MFA Account Settings is clicked by end user

From the My Account Screen, click the link to Manage MFA

Add TOTP in SEM is shown to end user

The end user's machine will open a web browser and open the Smartcrypt Multi-Factor Authenticators page. This is the application where a user can "manage" the pairs they have for their account. End users can delete existing pairs (if they are lost or compromised) or add new pairs (like a new authentication device). Click, "Add TOTP Authenticator" to move to the next step.

MFA pair name and Token in the SEM is shown to the end user

The user will need to use an Authenticator App (like Google Authenticator) to either take a picture of the QR Code or enter in the secret. To successfully add a pair, the user needs to define an arbitrary name and the correct code for the present time associated with the secret.