Account login guide

XIVLauncher OTP: How the FFXIV One-Time Password Field Works

The OTP box in XIVLauncher is only for the current six-digit Square Enix one-time password generated by your registered authenticator or security token. If your Square Enix account does not have one-time password protection enabled, leave the OTP field empty. Never enter your normal account password twice.

Quick answer: what goes in the XIVLauncher OTP box?

Enter the temporary one-time password shown by the authenticator, software token, or physical security token currently registered to your Square Enix account. The code changes frequently and should be used immediately.

Leave the box blank when you have never enabled a Square Enix one-time password. The field is not asking for an email code, Steam Guard code, Windows PIN, launcher verification code, or a second copy of your regular password.

Which credential belongs in each login field?

XIVLauncher field What to enter Common mistake
Square Enix ID Your Square Enix account ID used for FFXIV. Entering a character name, email alias, Steam display name, or Mog Station nickname.
Password Your normal Square Enix account password. Using the six-digit OTP here or reusing an old saved password.
One-time password / OTP The current code from the registered authenticator or token; otherwise leave it blank. Entering the normal password again, an expired code, or a code from a different Square Enix account.
Official Goatcorp screenshot showing the automatic one-time password checkbox
Official project screenshot from the Goatcorp XIVLauncher FAQ.

Official Goatcorp screenshot

Only enable automatic OTP entry after you understand the account flow

The official Goatcorp mobile OTP guide shows an option for automatically entering the one-time password. This is a convenience feature, not a replacement for registering an authenticator with Square Enix.

Treat any automation that can access account credentials as sensitive. Use only the official project instructions, protect your phone and computer, and do not share exported shortcuts, tokens, recovery details, or screenshots containing live codes.

How to sign in with an FFXIV one-time password

  1. Confirm OTP is enabled. Sign in to the official Square Enix account system or Mog Station and confirm that a software authenticator, supported authenticator app, or security token is registered. If none is registered, do not invent a code.
  2. Open the registered authenticator. Generate a fresh code immediately before login. Check that the account label matches the Square Enix account you are using in XIVLauncher.
  3. Enter your normal credentials first. Type the Square Enix ID and normal account password in their own fields. The OTP is a separate temporary credential.
  4. Enter the current OTP once. Use the newest code and submit before it rotates. Avoid spaces, copied punctuation, or codes left in the clipboard from an earlier attempt.
  5. Stop after repeated failures. Do not keep guessing. Recheck device time, account mapping, registration status, and official account notices before trying again.
Official Goatcorp iOS screenshot for the XIVLauncher mobile OTP shortcut
Official Goatcorp mobile OTP guide screenshot; interface text may change with iOS updates.

Mobile workflow

A mobile shortcut can reduce typing, but the code still comes from your authenticator

Goatcorp documents an iOS shortcut flow for users who intentionally configure mobile OTP handling. The screenshot is useful because it shows that the workflow is a deliberate setup process rather than a magic code supplied by XIVLauncher.

For most users, manually opening the registered authenticator and entering the current code is simpler to audit. If you use the shortcut, follow the official instructions exactly and review every permission requested by iOS.

Why an XIVLauncher OTP may be rejected

An invalid OTP message is usually an account, timing, or registration mismatch rather than an installer problem. Work through the checks below before reinstalling XIVLauncher.

The code expired

Wait for a new code, enter it once, and submit promptly. A code copied near the end of its time window may expire before the login request reaches Square Enix.

Phone time is incorrect

Authenticator codes depend on accurate device time. Enable automatic date, time, and time zone, then reopen the authenticator.

Wrong account or token

Players with multiple Square Enix accounts can accidentally use a code registered to another account. Verify the authenticator label and Square Enix ID.

OTP registration changed

A phone replacement, token removal, emergency removal, or authenticator migration can invalidate the previous setup. Use Square Enix account support for recovery.

Copied extra characters

Paste operations can include spaces or stale digits. Retype the current numeric code carefully and avoid password-manager field confusion.

Account service issue

If valid credentials suddenly fail, check official Square Enix maintenance and account notices. Reinstalling the launcher will not repair an account-side outage.

Official Goatcorp screenshot of editing the iOS XIVLauncher OTP shortcut
Official Goatcorp screenshot showing the iOS shortcut configuration process.

Advanced convenience

Review every shortcut field before saving mobile OTP automation

The official guide includes an iOS shortcut editing screen. If you choose this route, verify the shortcut source, inspect the actions, and keep account identifiers and secrets private.

This guide does not recommend sending passwords or live OTP codes to third-party services. XIVLauncher should be downloaded from the official Goatcorp release, and Square Enix account recovery must stay within official Square Enix channels.

Security boundary

A one-time password helps protect the Square Enix account, but it does not make third-party launchers or plugins official. XIVLauncher remains a community project and is not endorsed by Square Enix.

Never post a live OTP, password, emergency removal password, recovery code, QR setup secret, or authenticator export. Support staff and community helpers do not need those secrets to diagnose a normal login field question.

Do I need an OTP to use XIVLauncher?

Only if a one-time password is enabled on your Square Enix account. If the account has no registered authenticator or security token, leave the XIVLauncher OTP field blank.

Is the XIVLauncher OTP my regular password?

No. Your normal password belongs in the password field. The OTP is a separate temporary code generated by the authenticator or token registered to the same Square Enix account.

Why is my FFXIV one-time password not working?

The most common causes are an expired code, incorrect phone time, a code tied to another account, changed token registration, copied spaces, or an account-service issue.

Can XIVLauncher generate my Square Enix OTP?

XIVLauncher is not the authority that registers or recovers Square Enix one-time passwords. Use your registered authenticator and the official Square Enix account system. Goatcorp documents an optional mobile shortcut workflow for advanced users.

What if I lost the phone or token used for OTP?

Use the official Square Enix recovery or emergency removal process. Do not create a new launcher account, share recovery secrets, or rely on unofficial account-recovery offers.

Should I reinstall XIVLauncher after an invalid OTP error?

Usually not. OTP rejection is normally related to the code, device time, account mapping, or Square Enix registration. Reinstall only when there is a separate launcher installation problem.