google-authenticator-exporter
KeeFarce
google-authenticator-exporter | KeeFarce | |
---|---|---|
5 | 7 | |
364 | 989 | |
- | - | |
2.2 | 10.0 | |
5 months ago | over 8 years ago | |
JavaScript | C++ | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
google-authenticator-exporter
- Google Authenticator finally, mercifully adds account syncing for two-factor codes
- Vaultwarden, so how do I get my TOTPs in ?
- How to switch from Google authenticator to a different service?
-
Google Authenticator's first update in years tweaks how you access security codes
I just migrated to aegis from Google. I used https://github.com/krissrex/google-authenticator-exporter Which requires you to have nodejs on a computer.
-
Solved: how to switch CDC 2FA from Google to Authy (or anywhere)
Here's the link: https://github.com/krissrex/google-authenticator-exporter
KeeFarce
- KeePass Sicherheitslücke ist ein großes Problem!
- Diskussion um Schwachstelle in KeePass
-
Open source security camera/CCTV apps?
inb4 KeeFarce. It's 7 years old and only works in specific situations.
-
How the Clipboard Works
> isn't securing this one major IMO attack vector an improvement over not doing anything about it
Unfortunately securing this attack vector is costly - in the sense of annoying the user with prompts and access grants.
This is why even on mobile as you noticed, only browsers require user confirmation before allowing webpages access to the clipboard.
You could maybe do something in between, like not allowing clipboard access to processes which don't have a foreground window visible to the user.
But in practice, this attack vector is not exploited. If you are targeted, it's much more likely that a specific attack against the password manager is used, since it will extract ALL passwords, and not need to wait for one to show up:
> KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url's are dumped into a CSV file in %AppData%
https://github.com/denandz/KeeFarce
-
Google Authenticator's first update in years tweaks how you access security codes
I'm not sure how that defeats the purpose of 2FA. If anything, critical things like 2FA codes being stored locally on your device are more dangerous. Just because it's online doesn't mean it is suddenly insecure. By your logic, password managers being online and cross-platform are also somehow insecure, yet everybody expects those as the most basic features. I don't want to get into a long-winded, pointless "everything on the internet is insecure!" discussion, but I just don't see your point.
- Why I don't hear about malware targetting password managers?
What are some alternatives?
extract_otp_secrets - Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured by camera, read from images, or read from text files. The secrets can be exported to JSON or CSV, or printed as QR codes to console.
KeeThief - Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
AuthenticatorPro - 📱 Two-Factor Authentication (2FA) client for Android + Wear OS
LaZagne - Credentials recovery project
pyotp - Python One-Time Password Library
KeePassHax - A tool to extract a KeePass master password from memory
speakeasy - **NOT MAINTAINED** Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.
1PasswordSuite - Utilities to extract secrets from 1Password
andOTP - [Unmaintained] Open source two-factor authentication for Android
SharpClipboard - C# Clipboard Monitor
authelia - The Single Sign-On Multi-Factor portal for web apps
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.