google-authenticator
ProtonMail Web Client
google-authenticator | ProtonMail Web Client | |
---|---|---|
24 | 180 | |
4,501 | 4,114 | |
- | 1.4% | |
0.8 | 10.0 | |
over 3 years ago | 18 days ago | |
Java | TypeScript | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
google-authenticator
-
GitHub will disable non-2FA accounts?
otpauth:// is a de-factor standard, since Google Authenticator uses it: https://github.com/google/google-authenticator/wiki/Key-Uri-...
-
Creating 2fa with pyotp
Random question if you're using TOTP why not just give the user the secret when signing up as a Google Authenticator URI encoded in a QR code? Then you won't need to futz around with sending it to them afterwards. You can even use a library like qrcode.js so you don't generate the barcode server side either.
- why are all the totp secrets different styles?
-
Locker: Store secrets on your local file system.
Locker can generate Time Based OTP codes parsing TOTP urls stored under a special key named totp.
-
Does changing an email that has TOTP setup affect the "secret"?
(Examples> https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
- Google Authenticator open source fork archived
- TOTP tokens on my wrist with the smartest dumb watch
- LastPass gehackt, Nutzerdaten aber anscheinend sicher
- Is google authenticator Private & Secure (Trustworthy) enough to be used for 2StepVerification?
-
Twilio, the people who own Authy, got hacked
If we're talking about the encrypted Authy TOTP secrets and IF they get cracked or guessed, Authy does store the email in the name of the item. Having the name, service and the secret within the QR code's URI is normal and the standard for TOTP. The only thing the hackers won't have is the password.
ProtonMail Web Client
- Has anyone tried to run the Proton Mail UI locally?
-
ProtonDrive encryption key
The source code is here https://github.com/ProtonMail/WebClients
-
Proton Pass – Protecting your passwords and online identity
> Finally, in keeping with our long track record of transparency, Proton Pass is open source so anyone can review and verify our security architecture
They sure do enjoy writing that sentence without including any hyperlinks. This (https://github.com/ProtonMail/WebClients/tree/main/applicati...) appears to be the browser extension and https://github.com/ProtonMail/WebClients/tree/main/packages/... appears to look like the backend referenced in the extension's readme, but that directory's readme is zero bytes so (shrug)
- Where is the source code for Proton Drive?
-
Basic HTML Mode?
Fork the frontend and make your own lightweight option
- Where can I find the source code of the web app?
-
Announcement: SMTP Server in Rust with DMARC, DANE, MTA-STS, Sieve, OTEL support
PS: I hope that we selfhosters will have a modern, efficient, easy to use mail suite one day with modern features like JMAP, good self-learning spam integration, automated checks and validations for SPF/DMARC/DKIM or whether the IP/host suddenly appears in a blocklist and integrated encryption at rest for emails. Something that isn't 30 services in a container image, with 30 different configuration styles. Maybe even with an API integrated that's compatible to the ProtonMail frontend (like the neutron server once intended to be). Anyway, I'm sorry for dreaming. ;)
-
Why is the "Special offer" button still there after I purchased 1 year of Mail Plus through that very button?? Not happy.
And if you want to customize it further you can use Stylus to add custom CSS, Tampermonkey to add JS, or even modify the whole thing yourself from source (if you run it locally it syncs with your actual account).
- Is Proton Drive better than Sync.com?
-
Is there any tool to verify client-side website code you get served is the same as the open source version?
There are lots of useful End to end encrypted webapps such as Protonmail, cryptpad, cryptee and many others. And part of why we trust them is that the client side code is open source, so we can see that end to end encryption is really going on and is really secure. Its impossible to verify what code they are running in their server, but if the data we send them is already encrypted we can rest easy.
What are some alternatives?
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
SimpleLogin - The SimpleLogin back-end and web app
pyotp - Python One-Time Password Library
Roundcube - The Roundcube Webmail suite
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
RainLoop - Simple, modern & fast web-based email client
ios-application - A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
Tutanota makes encryption easy - Tuta is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.
andOTP - [Unmaintained] Open source two-factor authentication for Android
Mailpile - A free & open modern, fast email client with user-friendly encryption and privacy features
two-factor-auth - Two Factor Authentication Java code implementing the Time-based One-time Password Algorithm
proton-mail - React web application to manage ProtonMail