Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.

Allow for customization of labels when using TOTP

Idea ID 2783951

Allow for customization of labels when using TOTP

Typically, when you enroll a device using a TOTP authenticator app like Google's or Microsoft's, after you enroll, the account shows up with the name of the application or vendor and the login ID. But with Adv. Auth. both values just show up as "Netiq", which is meaningless. Those values need to be able to be customized.
8 Comments
Micro Focus Expert
Micro Focus Expert
Macros or something like that to be able to filled in. For example user logs into Enrollment Portal and their REPO\Username is displayed.
Captain
Captain
This really should be set up to show this as it does with other products including NAM. It should also be configurable in the Oath OTP Method. I mentioned this to MF 2 years ago on 5.6 version, and can't think why this is still not be taken up and fixed, because to me this is more of a bug than an enhancement request. It makes the ToTP unusable and unprofessional looking beside other implementations
Captain
Captain
Following up on my comment, it is not as if achieving this is at all difficult. The labels of the TOTP authenticator in question arise from the QR code generated by the appliance. The QR code is simply this formatted URL: otpauth://totp/[account_name]?secret=[secret_key]&issuer=[Website_Title] On the AA appliance the account_name and website_title are both replaced with NetIQ. On the TOTP class on NAM for instance, the account_name is fixed as the user's email address, and the website_title, the IDP's hostname. We just need AA to do similar, or better, add a configurable policy that allows overriding which user attribute for the account_name and identifiable website_title. Seems such an easy an obvious win!
I agree. I have made a program to test the AA api calls and made my own QR-code and it was easy to modify the labels. When you have multiple accounts for different environments it's vital to have this otherwise it gets very difficult to select the correct one. And we are advanced users, for normal users MFA is difficult and with these labels they will get lost.
Cadet 3rd Class
Cadet 3rd Class

I would agree on that, that for normal users would be confusing to use MFA without proper label, especially with increasing number of apps that require MFA

Cadet 3rd Class
Cadet 3rd Class

This is becoming more of an issue as more and more applications require MFA using authenticator apps. It would help to reduce any end user confusion and likely reduce help desk calls, and therefore costs leadding to an improved service.

Micro Focus Contributor
Micro Focus Contributor

Got a request from a customer to automatically identify the QR code with the user and domain.

We really need this in the product when registering the TOTP.

MicroFocus/NetIQ this, and other UI wishes are asked for and voted for. I hear sales saying x%. 20-30 if I remember correctly, of the time should be devoted to consumer wishes.  This has 18 votes is top voted in tha last 30 days and is from 2018 (!). So please react.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.