Protecting TOTP Codes

In today’s digital world, securing your online accounts is crucial. Multi-factor authentication (MFA) adds an extra layer of protection by requiring something you know (your password) and something you have (a time-based one-time password or TOTP) to access your accounts. Keeper helps you store and autofill these TOTP codes, making the authentication process faster and more secure.

Storing TOTP Codes in Keeper

Keeper supports time-based one-time passwords (TOTP) to enhance your security for two-factor authentication (2FA). By integrating TOTP codes into Keeper, you can safely store them within your records, alongside your login credentials. This integration allows you to easily retrieve these codes for websites or services that require them, streamlining the login process.

For example, when you enable MFA on a service like Office 365 or Google Workspace, you’ll typically be asked to scan a QR code or enter a secret key into an authenticator app. With Keeper, you can save these TOTP keys directly in your vault. Simply scan the QR code or enter the secret key into Keeper, and you’ll have your TOTP code securely stored and ready for use whenever you need it.

Filling TOTP Codes with KeeperFill

Browser Extension

When you store login credentials and time-based one-time password(TOTP) codes within Keeper, the Browser Extension can automatically enter the appropriate TOTP code when you’re logging into a site that requires two-factor authentication (2FA). Here’s how it works:

Automatic TOTP Code Entry:

• If the website you're logging into has both login credentials and a TOTP code saved in your Keeper vault, Keeper will automatically detect the TOTP field and fill in the correct code for you.

Context Menu:

• Two-factor codes can also be selected and filled directly from the right-click context menu. Right-click on the TOTP field, choose Keeper, and then select the proper record title and Two-Factor Code to fill into the field.

Accessing TOTP Codes from the Browser Extension Menu:

• You can also click on your account in the Keeper Extension menu (found in your browser toolbar). The extension will display the most appropriate record associated with the webpage you're currently on, making it easier to retrieve the correct login details and two-factor code.

• From there, you can either autofill both the login credentials and the TOTP code, or copy the TOTP code manually to paste into the proper field.

Mobile Apps

Keeper’s mobile apps for both Android and iOS offer a smooth experience when managing your TOTP codes. Here's how it works:

• iOS

  • Automatic TOTP Code Entry: When your login credentials and TOTP code are stored in your Keeper vault, Keeper’s autofilling browser extension, KeeperFill, will suggest the appropriate records at the top of your keyboard when you're logging into a website or app that requires it. If Keeper can't automatically match a record, you can manually launch the extension via the "Passwords" button or the key on the upper right of the keyboard. From there, you can search for the desired record.

• Copying a TOTP Code: When you view a record that contains a TOTP, you can tap the Fill button within the Keeper extension to automatically copy the code to your clipboard, ready for pasting into the appropriate field. Alternatively, you can tap the "two-factor code" field in the record itself, and this will copy the code to your device's clipboard.

• Android

  • Automatic TOTP Code Entry: Keeper will suggest the appropriate records at the top of your keyboard when you're logging into a website or app that requires a TOTP code, if you have a matching record stored in your vault.

• Copying the TOTP Code: If automatic copying of a two-factor code doesn't occur, you’ll need to tap the TOTP field within Keeper. After doing so, a notification will appear, letting you know that the code has been copied to your clipboard and is ready to be pasted.

Troubleshooting TOTP Code Discrepancies

Why TOTP Codes May Differ Between Devices:

If you notice that the TOTP codes generated on your mobile device differ from those on your desktop or browser extension, this is often due to a time mismatch between the devices. Since TOTP codes are time-sensitive, even a few seconds of difference can result in codes that don’t match.

To resolve this:

1. Set Device Time to "Automatic": Ensure that both your mobile and desktop devices are set to automatically synchronize their time with a reliable time server. On most devices, this can be done by enabling the “Set Automatically” option in your date and time settings.

   1. On iOS/Android: Go to your device’s settings, find the Date & Time settings, and enable “Set Automatically.”

   2. On Desktop: Check your computer’s date and time settings to make sure they’re synced with the correct time zone and server.

This will ensure that your TOTP codes remain synchronized across all devices, allowing you to enter the correct code for login.

Security Best Practices for TOTP Codes

While Keeper ensures your TOTP codes are securely stored and managed, here are some additional tips for maximizing your security:

• Never Share Your TOTP Key: Keep your TOTP secret keys private. Only store them within Keeper, and never share them with anyone.

• Use Strong Master Passwords: Your Keeper vault is only as secure as your master password. Use a strong, unique password to protect your vault.

By using Keeper to store and autofill your TOTP codes, you not only protect your accounts with an extra layer of security, but you also streamline the 2FA process. Keeper’s integration with your browser and mobile devices makes managing TOTP codes hassle-free, while keeping your credentials and codes safely protected.