Use this guide to install and provision the Windows SecureAuth OTP Client Application to use for 2-Factor Authentication.

The SecureAuth OTP Windows Desktop Client application has been deprecated and replaced by the new SecureAuth Passcode for Windows v2.0.1 client application. This version still functions, but is not supported and may no longer be downloaded.


1. Minimum System Requirements:

  • Operating System
    • Microsoft ® Windows XP® SP3 (32-bit)
    • Microsoft ® Windows 7® (32-bit or 64-bit)
    • Microsoft ® Windows 8.1® (32-bit or 64-bit)
    • Microsoft ® Windows Server 2008 R2® (32-bit or 64-bit)
    • Microsoft ® Windows Server 2012®
    • Microsoft ® Windows Server 2012 R2®
  • Disk Space
    • 100 MB of free disk space
  • Memory
    • 512 MB of free memory

2. Configure the OATH Provisioning Realm in the SecureAuth IdP Web Admin

The Windows Desktop Client Application supports both Single (OATH Seed) and Multi (OATH Token) configurations for SecureAuth IdP versions 8.1+

Installation Steps


1. Download the SecureAuth OTP for Microsoft Windows client application from the SecureAuth Downloads page

2. Open the SecureAuthOTP_1.1.8.msi file

Security Warning


3. If a Security Warning appears, then click Run to initiate the installation

SecureAuth OTP InstallShield Wizard

4. The InstallShield Wizard window opens, and click Next to continue

5. Review the Current Settings, and click Install

6. Wait for the InstallShield Wizard to install the client application to the device

7. Click Finish once the installation is complete

Provisioning Steps


1. Open the client application from the Start Menu, and provide the Server URL, which is the SecureAuth IdP OATH Provisioning realm

If using SecureAuth998 as the provisioning realm, then only the domain name is required, e.g.; if using a different realm for the OATH Provisioning, then the entire FQDN and realm name are required, e.g.

2. Click Start

3. Follow the configured workflow, which may include 2-Factor Authentication

Shown in the image is Username + Password Only (on 1st page)

4. Set the PIN if required in the OATH Provisioning Realm configuration, and click Continue

5. Confirm the PIN, and click Continue again


6. Once the provisioning is complete, the client application displays the one-time password (OTP) that can be used for 2-Factor Authentication

When the application is opened, the OTP window appears (after PIN entry if required)

The blue bars on the left side indicate how much time remains to use the OTP for login

Click the copy icon on the right-side menu (first option) to copy the OTP for easy input into the login page

Click the tools icon on the right-side menu (second option) to reprovision the client application

End-user Experience


1. To use the Windows SecureAuth OTP Client Application for 2-Factor Authentication, initiate the login process in a realm that enables OATH OTPs as a second factor option (configured in the Registration Methods tab of the realm)

2. Follow the configured workflow

3. Once on the 2-Factor Authentication methods page, select Soft Token - Windows from the list of options, and click Submit


4. Launch the Windows SecureAuth OTP Client Application, and click the Copy icon to copy the OTP

5. Paste the OTP from the OTP Client Application onto the login page, and click Submit to gain access to the realm