One Time Code
If, when you log in, an additional step "Login - Validation" appears after your username and password, your organisation has activated the one time code as a second factor. OpenOlat then sends you a confirmation code by e-mail, which you enter to complete the login. This page explains what a one time code is and how logging in with it works.
What is a one time code?
A one time code is an 8-digit confirmation code that OpenOlat sends you by e-mail during login. It serves as a second factor (two-factor authentication) in addition to your password and is valid only for the current login.
A valid e-mail address must be stored on your account, otherwise the code cannot be delivered.
How to log in with a one time code
- Enter your username and password as usual.
- OpenOlat shows the step "Login - Validation" and sends you an e-mail with the subject "Validation code for \<instance name> Login".
- Open the e-mail and copy the 8-digit code into the "Confirmation code" field.
- Click "Login" to complete the sign-in.
If the code is wrong, the message "Validation code (OTP) is not valid" appears and you can enter the code again.
I did not receive a code
On the validation page, click "Resend the email". OpenOlat generates a new code and sends it to the stored e-mail address. All previously sent codes then become invalid. Check your spam folder as well. If no e-mail address is stored on your account or the code repeatedly fails to arrive, contact your support.
Relationship to Passkey
One time code and Passkey do not exclude each other:
- If only the one time code is activated, you log in with your password and a code sent by e-mail.
- If Passkey is also activated and you have a passkey stored, the passkey acts as the second factor. The one time code then serves as a fallback in case no passkey is available yet.
Whether and which methods are active is determined by the administration.