{"id":32388283,"url":"https://github.com/marcelocg/mf","last_synced_at":"2026-07-09T04:32:17.983Z","repository":{"id":308419144,"uuid":"1032751817","full_name":"marcelocg/mf","owner":"marcelocg","description":"Secure, cross-platform TOTP token generator for multi-factor authentication","archived":false,"fork":false,"pushed_at":"2025-08-05T19:47:48.000Z","size":33,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-10-25T03:48:36.745Z","etag":null,"topics":["2fa","authentication","cli","cross-platform","go","mfa","security","totp"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marcelocg.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-05T19:14:06.000Z","updated_at":"2025-08-06T16:59:15.000Z","dependencies_parsed_at":"2025-08-05T21:32:17.018Z","dependency_job_id":"5c3697cd-9e7b-4f91-874b-80bbd0ee5118","html_url":"https://github.com/marcelocg/mf","commit_stats":null,"previous_names":["marcelocg/mf"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/marcelocg/mf","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelocg%2Fmf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelocg%2Fmf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelocg%2Fmf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelocg%2Fmf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marcelocg","download_url":"https://codeload.github.com/marcelocg/mf/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelocg%2Fmf/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35287396,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-09T02:00:07.329Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","cli","cross-platform","go","mfa","security","totp"],"created_at":"2025-10-25T03:48:14.316Z","updated_at":"2026-07-09T04:32:17.976Z","avatar_url":"https://github.com/marcelocg.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MF - Multi-Factor Authentication Token Generator\n\nA secure, cross-platform command-line application for generating TOTP (Time-based One-Time Password) tokens for multi-factor authentication.\n\n## Features\n\n- 🔐 **Secure Storage**: Uses system keychain when available, with encrypted fallback\n- 🚀 **Cross-platform**: Works on Linux, macOS, and Windows\n- 🔄 **Script-friendly**: Perfect for automation and scripts (no password prompts)\n- 📱 **TOTP Compatible**: Works with any service that uses TOTP (Google, AWS, GitHub, etc.)\n- 🛡️ **AES-256 Encryption**: Local data is encrypted using AES-256-GCM\n- 🔄 **Auto-migration**: Automatically upgrades from plain text storage to encrypted\n\n## Installation\n\n### Download Binary\n\nDownload the latest release from the [releases page](../../releases) for your platform:\n\n- **Linux (64-bit)**: `mf-linux-amd64`\n- **Windows (64-bit)**: `mf-windows-amd64.exe`\n- **macOS Intel**: `mf-macos-amd64`\n- **macOS Apple Silicon**: `mf-macos-arm64`\n\n#### Quick Install (Linux/macOS)\n\n```bash\n# Download and install latest version\ncurl -L https://github.com/marcelocg/mf/releases/latest/download/mf-linux-amd64 -o mf\nchmod +x mf\nsudo mv mf /usr/local/bin/\n\n# Verify installation\nmf --version\n```\n\n#### Verify Downloads\n\nAll releases include SHA256 checksums in `checksums.txt`:\n\n```bash\n# Linux/macOS\nsha256sum -c checksums.txt\n\n# Windows (PowerShell)\nGet-FileHash -Algorithm SHA256 mf-windows-amd64.exe\n```\n\n### Build from Source\n\n```bash\ngit clone \u003crepository-url\u003e\ncd mf\nmake build\n```\n\n#### Build Commands\n\n```bash\n# Build for current platform\nmake build\n\n# Build for all platforms\nmake build-all\n\n# Build for specific platforms\nmake build-linux     # Linux 64-bit\nmake build-windows   # Windows 64-bit  \nmake build-macos     # macOS (Intel + Apple Silicon)\n\n# Development workflow (format, lint, test, build)\nmake dev\n\n# Run tests\nmake test\n\n# Clean build artifacts\nmake clean\n```\n\n## Usage\n\n### Add an Account\n\n```bash\nmf add ACCOUNT_NAME SECRET_KEY\n```\n\nExample:\n\n```bash\nmf add AWS-DEV 7C2FFYEHYDUKFDYYNMALARRODZ5CXTD2LWOAID2F4KZD63MMH3XWVWNTZLTR7T3X\n```\n\n### Generate Token\n\n```bash\nmf get ACCOUNT_NAME\n```\n\nExample:\n\n```bash\nmf get AWS-DEV\n# Output: 756815\n```\n\n### List All Accounts\n\n```bash\nmf list\n```\n\n### Help\n\n```bash\nmf --help\nmf [command] --help\n```\n\n## Security\n\n### Storage Locations\n\n- **Linux**: `~/.config/mf/`\n- **Windows**: `%USERPROFILE%\\.config\\mf\\`\n- **macOS**: `~/.config/mf/`\n\n### Security Features\n\n1. **System Keychain Integration**:\n   - Linux: Secret Service API (gnome-keyring, KWallet)\n   - Windows: Windows Credential Manager\n   - macOS: Keychain Services\n\n2. **Encrypted Fallback**:\n   - AES-256-GCM encryption\n   - Machine-specific key derivation\n   - PBKDF2 key stretching\n\n3. **File Permissions**:\n   - Configuration directory: `0700` (owner only)\n   - Account files: `0600` (owner read/write only)\n\n## Script Integration\n\nMF is designed to work seamlessly in scripts without user interaction:\n\n```bash\n#!/bin/bash\nTOKEN=$(mf get AWS-DEV)\naws sts get-caller-identity --token-code $TOKEN\n```\n\n```powershell\n# PowerShell\n$token = mf get AWS-DEV\naws sts get-caller-identity --token-code $token\n```\n\n## Examples\n\n### AWS CLI with MFA\n\n```bash\n# Add your AWS MFA device\nmf add AWS-MFA JBSWY3DPEHPK3PXP...\n\n# Use in AWS CLI\naws sts assume-role \\\n  --role-arn arn:aws:iam::123456789012:role/MyRole \\\n  --role-session-name MySession \\\n  --serial-number arn:aws:iam::123456789012:mfa/user \\\n  --token-code $(mf get AWS-MFA)\n```\n\n### GitHub with MFA\n\n```bash\n# Add GitHub TOTP\nmf add GITHUB-MFA ABCDEFGH...\n\n# Get token for GitHub\nmf get GITHUB-MFA\n```\n\n## Configuration\n\nNo configuration files are needed. The application works out of the box with secure defaults.\n\n## Building\n\n### Prerequisites\n\n- Go 1.19 or later\n- Make (optional, but recommended)\n\n### Using Makefile (Recommended)\n\n```bash\n# Development workflow\nmake dev             # Format, lint, test, and build\n\n# Production builds\nmake build-all       # Build for all platforms\nmake build-linux     # Linux only\nmake build-windows   # Windows only\nmake build-macos     # macOS only\n\n# Testing and maintenance\nmake test           # Run tests\nmake test-coverage  # Run tests with coverage report\nmake clean          # Clean build artifacts\n```\n\n### Manual Build (Alternative)\n\n```bash\n# Local build\ngo build -o mf\n\n# Cross-compilation examples\nGOOS=windows GOARCH=amd64 go build -o mf.exe\nGOOS=darwin GOARCH=amd64 go build -o mf-macos\nGOOS=darwin GOARCH=arm64 go build -o mf-macos-arm64\n\n# Testing\ngo test ./...\n```\n\n## Dependencies\n\n- [Cobra](https://github.com/spf13/cobra) - CLI framework\n- [go-keyring](https://github.com/zalando/go-keyring) - Cross-platform keychain access\n- [otp](https://github.com/pquerna/otp) - TOTP generation\n- [crypto](https://pkg.go.dev/golang.org/x/crypto) - Encryption utilities\n\n## Contributing\n\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Add tests if applicable\n5. Run `make dev` to format, lint, test, and build\n6. Submit a pull request\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for detailed contribution guidelines.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## Security Considerations\n\n- **Secret Keys**: Never share your secret keys or commit them to version control\n- **Backups**: Consider backing up your `~/.config/mf/` directory securely\n- **Machine Access**: Anyone with access to your user account can potentially access stored secrets\n- **Network**: This application works offline and never transmits your secrets over the network\n\n## Troubleshooting\n\n### Common Issues\n\n1. **\"Account not found\"**: Make sure you've added the account using `mf add`\n2. **Permission errors**: Ensure you have write access to `~/.config/mf/`\n3. **Invalid secret**: Verify the secret key is a valid base32-encoded string\n\n### Getting Help\n\n- Check the help: `mf --help`\n- Enable verbose output (if implemented): `mf --verbose get ACCOUNT`\n- Check file permissions: `ls -la ~/.config/mf/`\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md) for version history and changes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcelocg%2Fmf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarcelocg%2Fmf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcelocg%2Fmf/lists"}