Generate Symantec VIP Access Token as OTP

Recently I came across a web service that required two-factor authentication using the Symantec VIP Access App. I already manage all of my OTP tokens in a different app (If you are on iOS I highly reccomend using OTP Auth by Roland Moers.) and did not want to have to use yet another app to generate the TOTP.

There is a way to generate a Symantec VIP Access compatible token very easily if you have access to an environment which can run Python PIP. I happen to have Ubuntu Windows Subsystem Linux running on my machine. (If you are running Windows 10 and don’t have this you should really check it out.) Let’s get started…​


Here we install python3-pip and qrencode so we can generate our secret, ID, and QR code.

$ sudo apt install python3-pip qrencode

Next we install the python-vipaccess tool from dlenksi’s github repo.

$ pip3 install

Now we are going to generate our VIP Access token

$ vipaccess provision -p -t SYMC

If everything worked correctly you should see the following output.

Generating request...
Fetching provisioning response...
Getting token from response...
Decrypting token...
Checking token...
Credential created successfully:
This credential expires on this date: 2022-03-14T14:57:31.615Z

You will need the ID to register this credential: SYMC54313423

You can use oathtool to generate the same OTP codes
as would be produced by the official VIP Access apps:

    oathtool -d6 -b --totp    5YKAUZA4I4RAIJIZBU4KME34XLODWEUX  # 6-digit code
    oathtool -d6 -b --totp -v 5YKAUZA4I4RAIJIZBU4KME34XLODWEUX  # ... with extra information

You can enter the TOTP secret just after --totp into your password manager or OTP app or in our case we’re going to create a QR code to scan into your OTP app. You should copy and paste the otp auth credential just after Credential created successfully in the previous step now.

$ qrencode -t ANSI256 'otpauth://totp/VIP%20Access:SYMC54313423?period=30&digits=6&issuer=Symantec&secret=5YKAUZA4I4RAIJIZBU4KME34XLODWEUX&algorithm=SHA1'

You should see a QR code on your screen which you can then scan with your OTP app to generate your TOTP codes without ever having to use the Symantec VIP Access app! If you get an error, check to make sure you added single quotes around the otpauth:// string.

For more information on the python-vipaccess tool check out the README.

comments powered by Disqus
Generate Symantec VIP Access Token as OTP
Share this