I. Product Setup Guides
ExpiredRemote Management TOTP Time-based One-Time Password on a DrayTek Router
DrayTek routers can be managed remotely once management from the Internet has been enabled. This is not enabled by default and must be configured from [System Maintenance] > [Management] by selecting the Allow management from the Internet option.
The next step is to set router's admin password. Instead of a standard password, a more sophisticated authentication method such as Time-based One-Time Password can be used on some newer DrayTek routers.
This article describes steps on how to use TOTP (Time-based One-Time Password) authentication for remote management on a DrayTek router. It's an easy-to-use method that is potentially more secure than SMS or token based 2FA because the user must authenticate with the phone to access the TOTP code.
Below is the list of routers supporting the new feature:
| Router Model | Compatible Firmware Supporting Remote Management TOTP Authentication |
| Vigor 2765 | 4.4.1 or later |
| Vigor 2766 | 4.4.1 or later |
| Vigor 2865 | 4.3.1 or later |
| Vigor 2866 | 4.3.1 or later |
| Vigor 2927 | 4.3.2 or later |
| Vigor 2962 | 4.3.1 or later |
| Vigor 3910 | 4.3.1 or later |
DrayTek Vigor Router TOTP Remote Management Setup
1. Go to [System Maintenance] > [Administrator Password] and select Enable Advanced Authentication method when login from "WAN"
2. Make sure that the Time-based One-time Password (TOTP) option is enabled. Then copy Secret or scan the QR Code
3. Open an Authenticator APP such as Google Authenticator or TOTP Authenticator and enter the Secret or scan the QR Code
The validation code will be automatically generated in the Authenticator App.
4. Enter the validation code generated in step 3, press Verify and OK to save.
5. Configure Remote Management
Once the Time-based One-time Password has been set on the router, go to [System Maintenance] > [Management] to see the router's management options:
If the remote management on the router hasn't been enabled yet, check Allow management from the Internet.
Enable the management options that need to be accessed from the internet; HTTPS, TR-069 and SSL are enabled in this example.
Disable PING from the Internet option when enabled, stops the router from replying to pings sent to the router's WAN IP addresses.
Click OK to continue to save the settings and reboot the router when prompted.
- First Published: 25/03/2022
- Last Updated: 22/09/2022