otp-codegen
two-factor-auth
otp-codegen | two-factor-auth | |
---|---|---|
1 | 1 | |
1 | 298 | |
- | - | |
0.0 | 0.0 | |
about 4 years ago | over 1 year ago | |
Go | Java | |
- | ISC License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
otp-codegen
two-factor-auth
-
How does Google Authenticator work?
It's really easy to integrate into websites as well. I did so a few years ago. The TOTP algorithm is just a few lines of code. I adapted this implementation https://github.com/j256/two-factor-auth at the time. There are similar libraries available for lots of languages.
You need a library like that and a way to convert an otp:// url into a QR code, for which there are many libaries as well. The rest is just implementing a sane UX around this. Storing the user's TOTP secret server side is a bit tricky. I suspect a plain text field in a database is quite common for this; which of course would be disastrous if that database were ever stolen. Secret stores don't scale for this as they tend to be designed for just a handful of secrets. We ended up encrypting these totp secrets using a key from our secret store.
What are some alternatives?
ios-application - A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
android-otp-extractor - Extracts OTP tokens from rooted Android devices
pass-otp - A pass extension for managing one-time-password (OTP) tokens
google-authenticator - Open source version of Google Authenticator (except the Android app)
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
pass - password-store distribution, with plugins.
pyotp - Python One-Time Password Library