Highly secure and easy to use GTK+ software for two-factor authentication that supports both Time-based One-time Passwords (TOTP) and HMAC-Based One-Time Passwords (HOTP).
Name | Min Version |
---|---|
GTK+ | 3.24 |
Glib | 2.68.0 |
jansson | 2.12 |
libgcrypt | 1.10.1 |
libpng | 1.6.30 |
libcotp | 3.0.0 |
zbar | 0.20 |
protobuf-c | 1.3.0 |
protobuf | 3.6.0 |
uuid | 2.34 |
libsecret | 0.20 |
qrencode | 4.0.2 |
>= 64 MB
. Any value less than this may cause issues when dealing with tens of tokens (especially when importing from third parties backups).
See this wiki section for info on how to check the current value and set, if needed, a higher one.
- integration with the OS' secret service provider via libsecret
- support both TOTP and HOTP
- support setting custom digits (between 4 and 10 inclusive)
- support setting a custom period (between 10 and 120 seconds inclusive)
- support SHA1, SHA256 and SHA512 algorithms
- support for Steam codes (please read THIS PAGE)
- import and export encrypted/plain andOTP backup
- import and export encrypted/plain Aegis backup
- import and export plain FreeOTPPlus backup (key URI format only)
- import and export encrypted/plain AuthenticatorPro backup
- import and export encrypted/plain 2FAS backup
- import of Google's migration QR codes
- local database is encrypted using AES256-GCM
- key is derived using Argon2id with the following default parameters: 4 iterations, 128 MiB memory cost, 4 parallelism, 32 taglen. The first three parameters can be changed by the user.
- decrypted file is never saved (and hopefully never swapped) to disk. While the app is running, the decrypted content resides in a "secure memory" buffer allocated by Gcrypt
- Before each release, I run PVS Studio and Coverity in order to catch even more bugs.
- With every commit to master, OTPClient is compiled in CircleCI against different distros
The protobuf files needed to decode Google's otpauth-migration qr codes have been generated with protoc --c_out=src/ proto/google-migration.proto
For things like roadmap, screenshots, how to use OTPClient, etc, please have a look at the project's wiki. You'll find a lot of useful information there.
If OTPClient hasn't been packaged for your distro (check here) and your distro doesn't support Flatpak, then you'll have to manually compile and install OTPClient.
- install all the needed libraries listed under requirements
- clone and install OTPClient:
git clone https://github.com/paolostivanin/OTPClient.git
cd OTPClient
mkdir build && cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr ..
make
sudo make install
This software is released under the GPLv3 license. Please have a look at the LICENSE file for more details.