Support for copying TOTP tokens when adding a new TOTP device

When a user adds a new MFA device using TOTP (such as “Google Authenticator”) the secret should be displayed in a manner that the user can copy-paste the secret into their preferred authenticator application.

Currently, Okta supports displaying the 2FA secret as a QR code or, in case scanning doesn’t work, as a string of characters. This string, however, can’t be copied. Users must resort to workarounds like using the browser’s web development tools to inspect the page and extract the TOTP secret. Providing a copy-paste feature would help users sign up more safely and securely.

You’ve already attempted this?
" To configure an account manually, perform the following steps:

  1. On your phone, start Google Authenticator and tap the + icon.
  2. In the username field, enter your Okta username (for example,
  3. On your computer, click the Can’t scan link so that you can access the secret key and enter it in the Key field.
  4. Click Done .

The pass code generator screen appears and generates pass codes to use when prompted for extra verification. You have 30 seconds to enter the pass code before it generates a new one.

Using the Google Authenticator App

After you install and configure Google Authenticator, click on the app and use the six-digit number to authenticate when prompted.

Revoking or Reconfiguring the Google Authenticator App

You can remove Google Authenticator as a factor by unchecking it in the factors list. To reconfigure it, remove it, and then add it back in."

The user should be able to copy and paste the string from Google Authenticator in this scenario.