by Lanedo 1039 days ago
Speaking of solutions, when you want to avoid using a phone, there is oathtool. For example for a GitHub 2FA Link like this:

  otpauth://totp/GitHub:username?secret=BLAHBLUBBLAH&issuer=GitHub

You extract the secret and use it like this:

  oathtool --totp=sha1 --base32 BLAHBLUBBLAH
  268685
2 comments

Not on my dev PC now (and don't want to access GH on this one).

How do you get that 'otpauth://totp/GitHub:username?secret=BLAHBLUBBLAH&issuer=GitHub' path? Is it something you have to grab from the browser console?

What is that otpauth:// part about?

    $ oathtool --totp - -b
    <enter 16digit code>
    6digit result for MSFT-Github

That works daily CLI; oathtool is packaged as part of OpenStack on GNU-Debian-Ubuntu
otpauth:// is a de-facto standard, since Google Authenticator uses it: https://github.com/google/google-authenticator/wiki/Key-Uri-...

The TOTP QR codes decode to one of these URIs