One Time Password
On this page
Authelia supports Time-based One-Time Passwords generated by apps like Google Authenticator.
![Second Factor OTP Authentication View](/overview/authentication/one-time-password/2FA-TOTP_hu0f050cbbaf54f6648876264bfe9aec14_25172_300x0_resize_q85_bgffffff_lanczos_3.jpg)
After having successfully completed the first factor, select One-Time Password method option and click on Register device link. This will e-mail you to confirm your identity.
NOTE: If you’re testing Authelia, this e-mail has likely been sent to the mailbox available at https://mail.example.com:8080/
Once this validation step is completed, a QR Code gets displayed.
![Second Factor OTP Registration View](/overview/authentication/one-time-password/REGISTER-TOTP_huf40e17d24c1ce4599009abe0c39631f7_21453_400x0_resize_q85_bgffffff_lanczos_3.jpg)
You can then use Google Authenticator or an authenticator of your choice to scan the code in order to register your device.
![Second Factor OTP Registration View](/overview/authentication/one-time-password/google-authenticator_huedb2bfbb5178af79b6e3238f2189547b_83352_150x0_resize_q85_bgffffff_lanczos_3.jpg)
From now on, you get tokens generated every 30 seconds that you can use to validate the second factor in Authelia.
Limitations
Users currently can only enroll a single TOTP device in Authelia. This is standard practice, as a user can obviously register a second device with the same QR Code. As there is no tangible benefit and it is harder to keep track of multiple devices it’s not a feature we will implement.