Using generic TOTP as authentication for Zero Trust application policy
I would like to get away from the default OTP option which sends an email with a code, and instead make use of (what I think of as) the generic code generator in 1Password. By that I mean it's not "Microsoft Authenticator" or "Google Authenticator", it's just been compatible with pretty much any QR code that generates a TOTP for most websites. I don't know if it is a brand or standard that has a name. In any case, I didn't recognize it in the options I'm given in the screenshot.
4 Replies
ATM, I don’t think any auth provider uses only TOTP, but you might be able to build your own
So if I understand, there has to be a service behind the TOTP code, and that's where Google, Azure, Facebook, etc. come into play? As just a hobbyist, building my own sounds dreadful.
No, I mean that afaik all current auth providers require you to enter your username/password combo first before using TOTP. No one is just offering TOTP to my knowledge
Oh, that's no problem then. I would be okay with entering a username + password + 30-second TOTP, which is much less cumbersome than going to retrieve it from my email.
I would just prefer to get the code from 1Password, rather than some other app