TOTP with Static Password Prefix
Posted: Fri Apr 16, 2021 1:38 am
Hi all,
I'm using Viscosity against a Sophos UTM firewall that is not under my control. It is using username/password based authentication, HOWEVER, the password is of the following format:
<static secret key><TOTP>
where <static secret key> is a static string that changes only yearly and the TOTP is the TOTP assigned to my account. On connecting, I always have to type the static secret key, which is quite long, plus the TOTP.
(See e.g. step 5 in https://www.fastvue.co/sophos/blog/two- ... istrators/)
I'd like to automate this somehow.
Is there a way to tell Viscosity to only ask for the the TOTP and then build the password given a format string or something?
I also own a Yubikey 5 NFC, is there a way to get rid of the typing at all, such that I can tap the button on my yubikey and that's it?
Thanks for any pointers how I could achieve this
Alex
I'm using Viscosity against a Sophos UTM firewall that is not under my control. It is using username/password based authentication, HOWEVER, the password is of the following format:
<static secret key><TOTP>
where <static secret key> is a static string that changes only yearly and the TOTP is the TOTP assigned to my account. On connecting, I always have to type the static secret key, which is quite long, plus the TOTP.
(See e.g. step 5 in https://www.fastvue.co/sophos/blog/two- ... istrators/)
I'd like to automate this somehow.
Is there a way to tell Viscosity to only ask for the the TOTP and then build the password given a format string or something?
I also own a Yubikey 5 NFC, is there a way to get rid of the typing at all, such that I can tap the button on my yubikey and that's it?
Thanks for any pointers how I could achieve this
Alex