One-Time Password (OTP) is a two-factor authentication scheme that utilizes system-generated, random passwords in addition to standard user name and password credentials. When users submit the correct basic login credentials, the system generates a one-time password, which is sent to the user at a pre-defined email address. The user must retrieve the one-time password from their email, then enter it at the login screen.
Each one-time password is single-use. Whenever a user successfully enters a valid user name and password, any existing one-time password for that account is deleted. Unused one-time passwords time out according to the time-out value set on the Users > Settings > User Session Settings interface. You can enable one-time password on a Local User or Local Group basis.To configure one-time password for Local Users, see Adding Local Users, or for Local Groups, see Creating a Local Group.
To use the one-time password, the appliance must have access to a correctly configured SMTP server. If OTP is enabled for administrators, without access to a correctly configured SMTP server, all users needing an OTP will not be able to log in. In this case, you would need to log in through the command line console to disable their own OTP, by entering the following commands in the serial console (assumes SonicWall NSA 3500 appliance):
NSA 3500> configure
(config[NSA 3500])> no web-management otp enable