Hasty Briefsbeta

De-Googling TOTP Authenticator Codes

9 days ago
https://imrannazar.com/articles/degoogle-otp
Copy Link
  • #Google Authenticator
  • #TOTP
  • #Command-line
  • The author is reducing reliance on Google services, currently using only Maps and Authenticator.
  • Desire to generate TOTP (Time-based One Time Password) codes via command-line using oathtool.
  • Process involves switching OTP provider by disabling and re-enabling 2FA for each service.
  • Google Authenticator allows migration of codes via QR codes to another TOTP handler.
  • Steps include generating QR codes, decoding them, extracting secrets, and setting up oathtool.
  • Using qrtool to decode QR codes from Authenticator on a MacOS machine.
  • Migration URLs contain Base64-encoded, Protobuf data requiring specific tools to decode.
  • Utilizing otpauth_migrate.py to extract service names and secret codes from migration URLs.
  • Setting up oathtool with extracted secrets for command-line TOTP generation.
  • Security consideration: Storing secret keys in plaintext files poses a risk.
  • Future enhancement could involve encrypting secret keys using gpg for better security.
AboutLogin