---
layout: default
title: One-Time Password
nav_order: 1
parent: Second Factor
grand_parent: Features
---

# Time-based One-Time Password

**Authelia** supports Time-base one-time password generated by apps like [Google Authenticator].

<p align="center">
  <img src="../../images/2FA-TOTP.png" width="300">
  <img src="../../images/google-authenticator.png" width="150" class="no-border" style="margin-left: 50px">
</p>


After having successfully completed the first factor, select **One-Time Password method**
option and click on **Not registered yet?** link. This will send you an e-mail to confirm
your identity.

*NOTE: If you're testing **Authelia**, this e-mail has likely been sent to the mailbox available at https://mail.example.com:8080/*

Once this validation step is completed, a QRCode gets displayed.

<p align="center">
  <img src="../../images/REGISTER-TOTP.png" width="400">
</p>

You can then use [Google Authenticator] to scan the code in order to register your device.

From now on, you get tokens generated every 30 seconds that
you can use to validate the second factor in **Authelia**.



[Google Authenticator]: https://google-authenticator.com/