Page 1 of 1

More information on the technicalities of OTP technology

PostPosted: Mon Apr 18, 2016 9:27 am
by manja
I would like to know more about the recovery OTPs in lastpass. Please explain to me what happens behind the scenes, technically.

Re: More information on the technicalities of OTP technology

PostPosted: Mon Apr 18, 2016 10:04 am
by jpenny84
Information on how one time passwords work can be found here: https://lastpass.com/support.php?cmd=showfaq&id=4735

Re: More information on the technicalities of OTP technology

PostPosted: Tue Apr 19, 2016 3:41 am
by manja
Hello

Thanks for your reply. I am looking to understand how does the Email or SMS token activate the OTP.

So there is an OTP which is generated when you login to the browser extension and it is hidden somewhere, not being accessible to user. When I forget my password, I click on the "Forgot Password" link and I enter my Email ID. Then I get an Email with a link. I click on this link and the hidden OTPs are suddenly activated and I can login.

Now please tell me how the Email link does it?

Re: More information on the technicalities of OTP technology

PostPosted: Sat Apr 23, 2016 9:40 am
by dmitrijLP
manja Wrote:Hello

Thanks for your reply. I am looking to understand how does the Email or SMS token activate the OTP.

So there is an OTP which is generated when you login to the browser extension and it is hidden somewhere, not being accessible to user. When I forget my password, I click on the "Forgot Password" link and I enter my Email ID. Then I get an Email with a link. I click on this link and the hidden OTPs are suddenly activated and I can login.

Now please tell me how the Email link does it?


SMS recovery is basically the same as desktop recovery as it uses the OTP cached via add-on enabled in your browser, you can check this very detailed reply from Amber explaining how it works:

https://community.spiceworks.com/topic/ ... -forgotten

https://lastpass.com/support.php?cmd=showfaq&id=9722