How to use OTP for logging in and pushing code

Introduction

One time passwords, or OTP, is a password that is generated on some period (at srchub it's every 30 seconds). With OTP the accepted scheme is that it's something you know (a regular password) with something you have (a OTP generator).

Google has been using it for years with their google accounts.

Activating

To activate simply login to your account, edit your profile and there should be a field called "Add OTP Key". If you don't already have a premade key - click on generate that will create a random one for you.

After you click on generate you should see a QR code that you can scan with Google Authenticator - or any other OTP generator such as this one.

Be sure to save your profile after you generate the key!

Misc

If you have a OTP key - you will be required to enter your OTP on every push with Subversion and Mercurial. Also if you plan on browsing the raw repos and if you have a private repo you will be required to re-enter your credentials every 30 seconds.

Your password is in the form:

{OTP}{old login password}

ie

123456password