Page Contents



Jump to...






What is OTP?

What is One-Time Password (OTP)? Is it the same as 2FA/MFA?

One Time Password refers to technology that requires users to authenticate during login with an additional temporary PIN. This PIN is valid for a single login session, and it is sent to the device or app that the user has in his/her possession. Exostar provides three types of OTP credentials: Exostar Mobile IDOTP Hardware Token, and Phone OTP

We use the terms OTP, 2FA (two-factor authentication), and MFA (multi-factor authentication) interchangeably, to mean the two-level protection for applications hosted in our system. The first level consists of the traditional user ID and password combination. The OTP provides the second layer of protection. 


Credential Requirements by Partner

What credential do I need?

The OTP requirement depends on your partner. Review the table below to see acceptable credentials by partner. If you cannot find the information, please contact Exostar Customer Support or the representative of your partner.


Application/Customer Name

Acceptable Credentials

Boeing Supplier Portal

User ID, Password + OTP Hardware Token password

User ID & Password + FIS MLOA Hardware Certificates

Enterprise Access Gateway (EAG)

NGC OneBadge

Boeing SCP

OTP Hardware Token with Proofing

Elbit - PIM

User ID + Password & Phone OTP Without Proofing

Information Manager - HII

User ID & Password + FIS MLOA Hardware Certificates

DOD CAC

NGC OneBadge

Lockheed Martin Aeronautical

Aero JTD

CSAS Web F-16

EDCS Airlift

EDCS F-16

EDCS Palmdale

F-22 Fleet Management Tool

LM AeroSource F-35 Production

Lockheed Martin OneAero

Online Account Request System (OARS)

Transportation Management System

User Acceptance LM AeroSource

User ID, Password + FIS Basic Certificates OR

User ID, Password + OTP Hardware token password

User ID & Password + FIS MLOA Software Certificates

User ID & Password + FIS MLOA Hardware Certificates

Enterprise Access Gateway (EAG)

NGC OneBadge

Lockheed Martin Procure to Pay (LMP2P)

User ID, Password + Phone OTP with Proofing

User ID, Password + Exostar Mobile ID with Proofing

User ID, Password + OTP Hardware Token with Proofing

Enterprise Access Gateway (EAG)

User ID & Password + FIS MLOA Hardware Certificates

Raytheon Supplier Portal

User ID, Password + Phone OTP with Proofing

User ID, Password + OTP Hardware with Proofing

Enterprise Access Gateway (EAG)

User ID & Password + FIS MLOA Hardware Certificates

Rolls-Royce Global Supplier Portal

Either of the following credentials are acceptable depending upon the application you need to access within GSP:

User ID, Password + FIS Basic Certificates OR

User ID & Password + FIS MLOA Software Certificates

User ID & Password + FIS MLOA Hardware Certificates

Enterprise Access Gateway (EAG)

NGC OneBadge

Supply Chain Platform - NNS

User ID & Password + FIS MLOA Hardware Certificates

DOD CAC

NGC OneBadge



Purchase an OTP

I know what I need now, but how do I start the purchase?

To complete the purchase, log into your MAG account, and follow the steps below:

Step 1. Log into your MAG account.

Step 2. Go to your My Account tab and to the Manage OTP sub-tab.

Step 3. Click Purchase or Register Credentials and follow the prompts to complete your purchase.


OTP Login

Do I always have to login with my OTP?

Yes, if your applications require an OTP credential for access. If you skip OTP during the login, you will receive the Login Requirements Not Met message when trying to access these applications.


I did not use the OTP during login, and now I can't access certain applications. What should I do?

If you logged in without your OTP credential, you can elevate your security to OTP after you are already in MAG. To do so, complete these steps:

Step 1.  From the Home dashboard view, click My Account.

Step 2.  Click the Manage OTP sub-tab.

Step 3.  From the Manage OTP section of the page, click Elevate.

Step 4.  Follow the prompts to login with OTP.

The credential strength (located in the upper right corner of the page), changes from Username and Password to your OTP credential type.   



I am no longer prompted to login with my OTP credential. What should I do?

If the system no longer prompts for your credential during login, your credential is most likely expired. To renew your credential, follow these steps:

Step 1.  Log into your MAG account, and click Billing and Support located in the upper right corner.

Step 2.  To renew expired credentials, click Subscription Renewals from the blue banner (top of page).

Step 3.  Select the product from the drop-down menu, and select Available Renewals

Step 4. Click Add to Cart. Follow the prompts to complete your renewal.


OTP Sharing

Can I share my OTP credential with someone else?

No, credentials cannot be shared. Each user requires their own credential. Sharing credentials is a violation of Exostar’s policy.



I have not activated my OTP credential.  Can I give it to someone else?

If you have not activated the credential, it can be given to someone else, as long as the license key (provided at the time of purchase) has not been used.



Lost or Stolen OTP

My OTP credential has been lost or stolen. What should I do?

We recommend suspending the credential if you think it might have been misplaced. However, if you suspect it was stolen, revoke your credential immediately.



FIS MLOA

I have FIS Medium Level of Assurance (MLOA) Hardware Digital Certificates. Do I still need to purchase an OTP credential?

No, FIS MLOA Hardware allows you to access all applications. For more information on Federated Identity Service (FIS), please click here.