Home
Contents
CLOSE
AuthLite Interactive Documentation
FEATURES: What can AuthLite Do? TOKEN TYPES: What "Factors" are supported? INSTALL: How and where to install AuthLite? CONFIGURE AuthLite for your needs CHOOSE USERS: Choose 2-factor Users ENFORCE 2-factor Logons ADMINISTER AuthLite Tokens LDAP logon support/enforcement VPN and RADIUS Configuration How to Log In Event Logging
CLOSE
Entering 2-factor credentials into Remote Desktop Connection client (RDP)
Entering 2-factor credentials into Remote Desktop Connection client (RDP)
Entering 2-factor credentials into Linux SSH
Entering 2-factor credentials into Linux SSH
OATH token (Google Authenticator) logon
OATH token (Google Authenticator) logon
Windows workstation with AuthLite installed
Windows workstation with AuthLite installed

AuthLite supports several different ways to supply credentials.  Which method you choose may be constrained by the application or logon protocol you are using.  For example the application may not tolerate an OTP in the username field, or the authentication protocol could hash the password field contents, rendering useless any OTP entered into that field.

For YubiKeys:

  • Enter a YubiKey OTP in the username field (instead of the username), then enter password as normal.  Supported most broadly, although some third-party applications can't handle seeing something unusual in the username field.  Or,
  • Type username as normal, then enter (password followed by OTP) into the password field. Only supported if AuthLite is installed on the server requesting authentication and the password field is not hashed).  Or,
  • Type username as normal, then enter (OTP followed by password) into the password field.  Same limitations as above, except a bit worse because the YubiKey will auto-”tab” after the OTP is entered, which places you out of the password field.

For OATH OTPs:

  • Enter your username followed by a dash “-” followed by the OTP code shown on your oath token.  Then enter password as nomal.  Supported most broadly, although some third-party applications can't handle seeing something unusual in the username field.  Or,
  • Type username as normal, then enter (password followed by a dash “-” followed by the OTP code) into the password field.  Only supported if AuthLite is installed on the server requesting authentication and the password field is not hashed).  Or,
  • Type username as normal, then enter (OTP followed by a dash “-” followed by your password) into the password field.  Same limitations as above.

Please see below for links to further information.