Enable OTP

• Go to Sophos WebAdmin

Navigate:

• Definitions & Users -> Authentication Services -> One-time Password
• enable it

Software Token

Settings

• customize as required

Auto-Generate-Token

Activate

• Go to User Portal
• Login
• Scan QR Code with Authenticator App (e.g. Sophos-/Google Authenticator)

• "Mit Anmeldung fortfahren"

Manually adding Tokens

• generate secret here: Password Generator
  • Letters to Use=HEX
  • Length:64

Login

login schema

Username: username
Password: passwordTOKEN

Hardware Token

Assign token to user

• press the green "+"

• change settings as desired

Login

It's similar to how you login with a software token exept you get the token from the Hardware Token instead of the Authenticator App.