Automating Multi-Factor Authentication (MFA)

Automating Multi-Factor Authentication (MFA)

With the RPA.MFA wrapping pyotp library, you can generate one-time passwords to sign in to services and sites that enforce multi-factor authentication.

The common setup flow is as follows:

  1. Login into the web platform as usual, then go to security settings and register a new authenticator app (as you normally do with Google Authenticator or Authy).
  2. Proceed throughout the instructions and choose "different auth app" if such an option is available.
  3. You'll get to a QR code that contains a secret key.
  4. Store the secret securely in the Robocorp Control Room Vault.
  5. Scanning the QR code with your mobile app will enable you to finish the registration process quickly.
  6. Finish registration by entering the 6-digit code obtained with your smartphone or the Get Time/Counter Based Otp keyword.

Now you should be able to authenticate with your usual credentials and the immediately requested OTP without any manual intervention, fully automated!

Examples

Microsoft

https://mysignins.microsoft.com/security-info

  1. Add a sign-in method
  2. Authenticator app
  3. QR code and secret
  4. Code confirmation

GitHub

https://github.com/settings/security

  1. Configure authenticator app
  2. App setup
  3. QR code and secret

Google

https://myaccount.google.com/security

  1. 2-Step Verification
  2. Authenticator app
  3. Change authenticator
  4. QR code
  5. QR secret

Discover more robots