google-authenticator
andOTP
Our great sponsors
| google-authenticator | andOTP | |
|---|---|---|
| 24 | 75 | |
| 4,501 | 3,604 | |
| - | - | |
| 0.8 | 2.5 | |
| over 3 years ago | almost 2 years ago | |
| Java | Java | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
google-authenticator
-
GitHub will disable non-2FA accounts?
otpauth:// is a de-factor standard, since Google Authenticator uses it: https://github.com/google/google-authenticator/wiki/Key-Uri-...
-
Creating 2fa with pyotp
Random question if you're using TOTP why not just give the user the secret when signing up as a Google Authenticator URI encoded in a QR code? Then you won't need to futz around with sending it to them afterwards. You can even use a library like qrcode.js so you don't generate the barcode server side either.
- why are all the totp secrets different styles?
-
Locker: Store secrets on your local file system.
Locker can generate Time Based OTP codes parsing TOTP urls stored under a special key named totp.
-
Does changing an email that has TOTP setup affect the "secret"?
(Examples> https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
- Google Authenticator open source fork archived
- TOTP tokens on my wrist with the smartest dumb watch
- LastPass gehackt, Nutzerdaten aber anscheinend sicher
- Is google authenticator Private & Secure (Trustworthy) enough to be used for 2StepVerification?
-
Twilio, the people who own Authy, got hacked
If we're talking about the encrypted Authy TOTP secrets and IF they get cracked or guessed, Authy does store the email in the name of the item. Having the name, service and the secret within the QR code's URI is normal and the standard for TOTP. The only thing the hackers won't have is the password.
andOTP
-
EU tells Apple to open everything up to its rivals
I love F-Droid and try to use apps from there whenever possible.
I did recently discover that andOTP is no longer maintained, though. I've switched to Aegis since.
https://github.com/andOTP/andOTP
-
Ask HN: How do you deal with TOTP 2-factor auth?
I use andOTP[0] which auto-exports an encrypted backup to a local folder, which is then synced with Syncthing[1] to my NAS.
It's seamless and doesn't need an internet connection.
- [0]: https://github.com/andOTP/andOTP
- [1]: https://syncthing.net/
-
what is the best OTP auth tool in 2023?
- AndOTP github project is archived in june 2022: https://github.com/andOTP/andOTP
- Beware rogue 2FA apps in App Store and Google Play
-
What OTP app do you use?
I used FreeOTP before that, which is also fine. I switched because maintenance had been fairly uncommon and there were some minor issues bugging me, but it seems to have picked up again recently, and it's backed by Red Hat as an entity for better or for worse. andOTP is officially deprecated, so I recommend switching to either of those.
-
andcli: A 2FA TUI for your shell
At the moment this works with encrypted backup files from andotp and aegis and it totally fullfills my lazyness needs. :)
-
Aegis Authenticator – Secure 2FA App for Android
I was happily using andOTP but seems like it has been unmaintained since June - https://github.com/andOTP/andOTP.
I wish F-Droid or Play Store had a feature like GitHub's 'Archived' to inform users.
- TOTP for 2FA is incredibly easy to implement. So what's your excuse?
-
Overwatch 2 Will Record Voice Chat, Requires a Phone Number to Play
You can use whatever 2FA you want, but you need to extract the secret key for it using some scripts. i did it a while ago and i have both blizzards and steams 2fa on Aegis on android, also works in KeepassXC. I think the 2fa app needs to have support for it but it works. https://github.com/andOTP/andOTP/wiki/Shared-secrets
-
This might be a daft question but If I need to restore my phone/get a new phone and I need to sign into Google, how can I do this if I don't have access to the Bitwarden Authenticator app yet? Thanks
I would switch to andOTP since it allows you to export the keys.
What are some alternatives?
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
pyotp - Python One-Time Password Library
freeotp-backup - A simple python script to backup OTP tokens from the FreeOTP Android app
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
AuthenticatorPro - 📱 Two-Factor Authentication (2FA) client for Android + Wear OS
ios-application - A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
aegis-icons - Unofficial 2FA entry icons for open source Android authenticator Aegis.
two-factor-auth - Two Factor Authentication Java code implementing the Time-based One-time Password Algorithm
Tofu - An easy-to-use two-factor authentication app for iOS [Moved to: https://github.com/calleluks/Tofu]
otp-codegen - Takes your OTP secret in and spits out the 6 digit OTP code