pyotp
two-factor-auth
pyotp | two-factor-auth | |
---|---|---|
18 | 1 | |
2,831 | 298 | |
0.9% | - | |
4.2 | 0.0 | |
about 1 month ago | over 1 year ago | |
Python | Java | |
GNU General Public License v3.0 or later | ISC License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pyotp
-
django authentication , login with otp
Can’t you just use a HOPT/TOPT so the user can scan a QR code with e.g google authenticator? Check https://github.com/pyauth/pyotp for more information
-
WebAuthn Is Great and It Sucks
F-Droid has a number of apps.
KeePassDX (also on F-Droid) also supports TOTP, as does KeePass 2.0 on desktop, if you're comfortable keeping it with your password manager.
PyOTP contains plenty of information about how to implement an authenticator app.
https://pyauth.github.io/pyotp/
- Managing credentials for automated scripts
-
Is it possible to do this with Python ?
I know/use https://github.com/pyauth/pyotp for some 2FA especially Google.
- OTP for python .exe
- How can I login to an account using google authenticator?
-
Little help with designing simple web app
you can use https://pyauth.github.io/pyotp/ to add TOTP functionality to your login.
-
Automating Oaut2 authorization code flow without browser (headless)
I'm trying to access an API that uses the Oauth2 authorization code flow with MFA. I can automate the MFA part with https://github.com/pyauth/pyotp, but the flow also opens a browser instance where it's expected that a user logs in manually. I wish to automate this step so there's no human intervention required.
-
2FA-FASTAPI
No I didn't tried it. But we should give the key in base32 right.? https://github.com/pyauth/pyotp
- Get two factor code using Python
two-factor-auth
-
How does Google Authenticator work?
It's really easy to integrate into websites as well. I did so a few years ago. The TOTP algorithm is just a few lines of code. I adapted this implementation https://github.com/j256/two-factor-auth at the time. There are similar libraries available for lots of languages.
You need a library like that and a way to convert an otp:// url into a QR code, for which there are many libaries as well. The rest is just implementing a sane UX around this. Storing the user's TOTP secret server side is a bit tricky. I suspect a plain text field in a database is quite common for this; which of course would be disastrous if that database were ever stolen. Secret stores don't scale for this as they tend to be designed for just a handful of secrets. We ended up encrypting these totp secrets using a key from our secret store.
What are some alternatives?
google-authenticator - Open source version of Google Authenticator (except the Android app)
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
authelia - The Single Sign-On Multi-Factor portal for web apps
pass-otp - A pass extension for managing one-time-password (OTP) tokens
privacyIDEA - :closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)
ios-application - A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
aws-mfa - Manage AWS MFA Security Credentials
totp-cli - A cli-based pass-backed TOTP app.
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
python-bna - Python implementation of the mobile Blizzard Authenticator (TOTP)
strongbox - A secret manager for AWS