I have been working on captive portal for a while now and I want my users to use LDAP + TOTP to authenticate.In this case having the password and token in the same field is not really user friendly for end users.Especially when using "Token + Password" the token may expire before the user types in the password if it is really long.If there is a work around to separate these fields I would really appreciate.
You can do this in a custom template.
Obeng, this is not what you are looking for, but may help. You can change the TOTP from the first 6 values entered in the password field to the last 6. This way the "time" limit would effect them entering the TOTP in -30 seconds. If they need more time, you could also extend the expiration of the token in seconds.