The 4Passwords Authenticator
One Time Password Management

The goal of the 4Passwords Authenticator is to efficiently and securely use online or offline cached One-time Passwords (OTP’s) across many devices. The One-time Passwords are shared and stored within a Thycotic On-premise of cloud based Secret Server.

The 4Passwords Authenticator is a client-side app that runs exclusively in a client’s browser and computer. The app will never send any data to any other system or website than the configured Secret Server within the app. Once the application is downloaded from either 4Passwords.com, 4pa.app or your own hosted servers, then the app will receive and send data through the browser app with the configured Thycotic Secret Server and its enabled web services API.

The optional offline cache is protected by a passphrase that encrypts your OTP keys inside the app or browser cache with 256-bit AES encryption.

Free for secretserver users

4PA's key features

Efficiently share and update One-time Passwords within an organization.
Retrieve One-time Password keys from a centrally configured Thycotic Secret Server and a predefined Authenticator template.
Provide an Online and encrypted Offline cache mode.
Create a preferred list of favorited One-time Passwords, separate from the native Secret Server favorited secret list.
Safe and load application settings, offline passphrase and the favourites list in a personal folder secret stored centrally in a Thycotic Secret Server.
Administrators can prepare an Autodiscover companywide preference secret that can assist all users within a secret server to find the preferred Authenticator template. This can be set per domain.
Cross platform usage on any mobile and desktop web browser that supports java script.

What are One-Time Passwords?

One-time Passwords, short for (OTP’s) are also known as Google , Microsoft, TOTP Authenticators, and or as MFA, Multi-factor, 2FA, Two factor Authentication keys. One-time password provide an additional security layer for your login with a password.

All One-time Password techniques do in principle the same: During an authentication process the server requests a client enter a Two factor response challenge. The server will calculate a number based on a shared key and the current time. As the client and the server both hold the same key and if the time on the client and server are in sync then the client and server can generate the same number if they both hold the same key. The client can then respond correctly to the Two Factor challenge without exposing and or communicating its key across the network. only the result is communicated

To not use Two factor Authentication is simply not secure enough.

The challenge with traditional One Time Password tools are that the security keys are stored on each client and server separately.
This key is mostly presented once to the user while configuring or enrolling Two Factor for a login, often this key is stored in a single traditional Authenticator app with no auditing or other methods of updating or sharing these keys. When this key is lost, you cannot login anymore. replacing the One-time passwords on many systems or sites is then a lot of manual work and complicates things a lot, especially in the case of shared or privileged accounts. The result is that often Two factor authentication is not implemented at all, while the shared and high privileged accounts within the organisation should be protected with this extra security layer.

The 4Passwords Authenticator & Secret Server enables organisations to implement One Time Passwords everywhere