menu

Overview

One-time passwords (OTP) are six-digit numeric passwords generated by a combination of a secret key and a time. The OTP generated at the same time will have the same value regardless of which application is used.
It is possible to use an OTP generated on a mobile device when logging in on a PC.

In order to use OTP, you need to register your authentication device in advance.
Please prepare an OTP client application that supports RFC6238 (TOTP: Time-Based One-Time Password Algorithm) and register it from the Authentication Device Settings screen in the user profile. For more information, please refer to the "OTP authentication device registration procedure".

Be careful not to let others know the "encoding value of the private key" of your one-time password.
If it is known to others, please reacquire (delete and register) it.

Deletion of authentication factors

  1. Click on the ︙ (three vertical dots) in the top right-hand corner of the authentication factor to be deleted.
  2. Click on "Delete device".
  3. Click "OK" when the message "Do you want to delete XXX?" is displayed.

[Attention]
When you have only one authentication factor registered, you will not be able to access the system from off-campus if you delete the authentication factor. Please make sure that another authentication factor are registered before deleting the authentication factor.
(e.g. register a non-JAIST email address for OTP (email) before deleting the Authenticator's OATH device).

Exporting Secret Key for OTP

When you are replacing the PC/smart phone that was being used as an OTP device or you want to set up an environment to generate OTP multiple devices, please refer to the following page for OTP migration.
Exporting One Time Passwords (OTP)