Time-Based One-Time Password Multi-Factor Authentication Challenge

aka TOTPMFAC omfgwordsman

First, seed your authenticator app:


Using the Secret String...

Secret: I65VU7K5ZQL7WB4E

... or the Secret String QR Code


Second, Login!


Challenge: Most modern and secure web applications use multiple factors of authentication to ensure you are who you say you are. This makes it harder to automate authentication during scanning. The challenge is to use a TOTP API to complete the automated authentication to this page.

Hint: You'll be forced to make a macro with Javascript events, and leverage a machine-accessible TOTP app. Maybe this will help?

How to log in:

E-Mail: totp@authenticationtest.com
Password: pa$$w0rd
MFA Code: This is provided by your TOTP (Authenticator) App