TOTP
Since version 4.3.0, Passbolt supports creation of TOTP (Time-based One Time Password).
TOTP is a mechanism that generates a unique and temporary password based on the current time. This dynamic code can be used on its own or in combination with a static password, offering an additional layer of security compared to traditional password-only systems.
- iOS
- Android
iOS
On the iOS application, there is a new section called “TOTP”
![iOS - Empty TOTP](/docs/img/help/2023/10/totp_menu.png)
In order to create a new TOTP, you’d need to click on “Create”
![iOS - TOTP Creation](/docs/img/help/2023/10/totp_creation.png)
That will open a menu that will let you choose between scanning a QR code or create a TOTP manually, for this tutorial we assume that you’d need to create it manually.
For the TOTP manual creation, you will have to fill three fields:
- Name, which is the label of the resource
- URL, which is the fullBaseUrl of the resource
- Secret, the secret from the TOTP provider
![iOS - TOTP Configuration](/docs/img/help/2023/10/totp_manual_configuration.png)
You do have the possibility to link this TOTP to an existing password but that’s optional. You can also create a standalone TOTP instead.
![iOS - Link TOTP to an existing password](/docs/img/help/2023/10/totp_linked_to_password.png)
There is also an advanced settings part in order to adjust the expiry, length and algorithm
Advanced settings have to match the TOTP provider settings otherwise it won’t work.
![iOS - TOTP Advanced Settings](/docs/img/help/2023/10/totp_advanced_settings.png)
Once created, you will see a success message “TOTP has been created.” then you will be able to preview the TOTP code when you need it.
![iOS - TOTP Preview](/docs/img/help/2023/10/totp_code_preview.png)
Android
On the Android application, there will be a new section called “TOTP”
![Android - Empty TOTP](/docs/img/help/2023/10/totp_android_empty_totp.jpg)
In order to create a new TOTP, you’d need to click on “+” icon
![Android - TOTP Creation](/docs/img/help/2023/10/totp_android_creation.jpg)
That will open a menu that will let you choose between scanning a QR code or create a TOTP manually, for this tutorial we assume that you’d need to create it manually.
For the TOTP manual creation, you will have to fill three fields:
- Name, which is the label of the resource
- URL, which is the fullBaseUrl of the resource
- Secret, the secret from the TOTP provider
![Android - TOTP Configuration](/docs/img/help/2023/10/totp_android_configuration.jpg)
You do have the possibility to link this TOTP to an existing password but that’s optional. You can also create a standalone TOTP instead.
![Android - Link TOTP to an existing password](/docs/img/help/2023/10/totp_android_link_to_password.jpg)
There is also an advanced settings part in order to adjust the expiry, length and algorithm
Advanced settings have to match the TOTP provider settings otherwise it won’t work.
![Android - TOTP Advanced Settings](/docs/img/help/2023/10/totp_android_advanced_settings.jpg)
Once created, you will see a success message then you will be able to preview the TOTP code when you need it.
![Android - TOTP Preview](/docs/img/help/2023/10/totp_android_code_preview.jpg)