Skip to main content
Skip table of contents

The One-Time Password Parameter


One-time passwords allow you to improve the security of Windows Client computers, be requiring users to enter a one-time password while logging into the Client computer.

NOTE: This feature is only available with an activated serial key for the Enterprise Edition of Ekran System.


If the Allow the use of one-time passwords checkbox is selected (on the Editing Client / Editing Client Group page, on the Authentication Options tab, scroll down to the Two-factor and Secondary Authentication section) to enable this option, and trusted users (i.e. Approvers) who can approve access are selected in the Users Who Can Approve Access drop-down list below it, a user will be able to request access to the Client computer from the specified Approvers. Users added as Approvers can process one-time password requests either by email (if an email address is defined for the specified users) or on the Access Requests page in the Management Tool. By default, if a request is not processed within 30 minutes after it has been submitted, it will automatically expire (where this default value can be changed on the System Settings tab on the Configuration page).

If the Automatically send a one-time password to Active Directory users checkbox is selected (on the Editing Client / Editing Client Group page, on the Authentication Options tab, scroll down to the Two-factor and Secondary Authentication section) to enable this option, a one-time password will be generated on the user’s request, without requiring approval, will be automatically sent to the email address specified in the Active Directory user account.

If the Automatically send a one-time password to internal users checkbox is selected (on the Editing Client / Editing Client Group page, on the Authentication Options tab, scroll down to the Two-factor and Secondary Authentication section) to enable this option, a one-time password will be generated on the user’s request, without requiring approval, will be automatically sent to the email address of the Ekran System internal user.


NOTE: The "Allow the use of one-time passwords" option cannot be enabled at the same time as "Enable secondary authentication on login" option.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close