Physical HMAC-Based One-Time Password - HOTP - token is a way to verify a user's identity using a code generated, similar as a virtual HOTP tokens, but in the physical device. If the user has enrolled this token, when asked to enter the one-time-password (OTP) when logging into the application, the user reads OTP from the device and insert into the system. If the OTP is entered correctly, the user's identity is verified and the login occurs.

The difference between HOTP and TOTP types of tokens is that HOTP generates OTP based on some instruction - most often a button that is on the device itself. TOTP, on the other hand, generates a new OTP every 30 seconds or so.

Physical HOTP token enrollment process

1

Choose the Physical HOTP template from the Token type drop down menu.

• The template name depends on administrator settings

2

Optionaly fill Description field of the token.

• The display of the Label field depends on administrator settings

3

Insert serial number from the device into the Serial number field.

4

Generate new OTP on the device and insert it into the OTP field.

5

Generate new OTP on the device and insert it into the OTP2 field.

• Entering two consecutive OTP is used for correct synchronization of the token.

6

Press SAVE button to finish the enrollment and to activate the token.

Physical HOTP token test process

1

Press the button on your device and get the displayed OTP.

2

Insert the OTP to the OTP field.

3

Press the button TEST.