Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/paolostivanin/OTPClient

Highly secure and easy to use OTP client written in C/GTK3 that supports both TOTP and HOTP
https://github.com/paolostivanin/OTPClient

2fa 2fa-client 2fa-security 2factor c gnome gtk3 hotp otp totp

Last synced: 3 months ago
JSON representation

Highly secure and easy to use OTP client written in C/GTK3 that supports both TOTP and HOTP

Host: GitHub
URL: https://github.com/paolostivanin/OTPClient
Owner: paolostivanin
License: gpl-3.0
Created: 2015-09-05T11:59:17.000Z (over 9 years ago)
Default Branch: master
Last Pushed: 2023-12-12T09:38:39.000Z (about 1 year ago)
Last Synced: 2023-12-12T10:36:03.961Z (about 1 year ago)
Topics: 2fa, 2fa-client, 2fa-security, 2factor, c, gnome, gtk3, hotp, otp, totp
Language: C
Homepage:
Size: 1.59 MB
Stars: 403
Watchers: 9
Forks: 40
Open Issues: 7
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md

Awesome Lists containing this project

awesome-privacy - OTPClient - Hosted, Web-based)*, [Etopa](https://play.google.com/store/apps/details?id=de.ltheinrich.etopa) *(Android)* (2-Factor Authentication / Categories)
awesome-privacy - OTPClient - Hosted, Web-based)*, [Etopa](https://play.google.com/store/apps/details?id=de.ltheinrich.etopa) *(Android)* (2-Factor Authentication / Categories)

README

        # OTPClient



  





  



Highly secure and easy to use GTK+ software for two-factor authentication that supports both Time-based One-time Passwords (TOTP) and HMAC-Based One-Time Passwords (HOTP).

## Requirements

| Name                                               | Min Version |

|----------------------------------------------------|-------------|

| GTK+                                               | 3.24        |

| Glib                                               | 2.68.0      |

| jansson                                            | 2.12        |

| libgcrypt                                          | 1.10.1      |

| libpng                                             | 1.6.30      |

| [libcotp](https://github.com/paolostivanin/libcotp) | 3.0.0      |

| zbar                                               | 0.20        |

| protobuf-c                                         | 1.3.0       |

| protobuf                                           | 3.6.0       |

| uuid                                               | 2.34        |

| libsecret                                          | 0.20        |

| qrencode                                           | 4.0.2       |

:warning: Please note that the memlock value should be `>= 64 MB`. Any value less than this may cause issues when dealing with tens of tokens (especially when importing from third parties backups).

See this [wiki section](https://github.com/paolostivanin/OTPClient/wiki/Secure-Memory-Limitations) for info on how to check the current value and set, if needed, a higher one.

## Features

- integration with the OS' secret service provider via libsecret

- support both TOTP and HOTP

- support setting custom digits (between 4 and 10 inclusive)

- support setting a custom period (between 10 and 120 seconds inclusive)

- support SHA1, SHA256 and SHA512 algorithms

- support for Steam codes (please read [THIS PAGE](https://github.com/paolostivanin/OTPClient/wiki/Steam-Support))

- import and export encrypted/plain [andOTP](https://github.com/flocke/andOTP) backup

- import and export encrypted/plain [Aegis](https://github.com/beemdevelopment/Aegis) backup

- import and export plain [FreeOTPPlus](https://github.com/helloworld1/FreeOTPPlus) backup (key URI format only)

- import and export encrypted/plain [AuthenticatorPro](https://github.com/jamie-mh/AuthenticatorPro) backup

- import and export encrypted/plain [2FAS](https://github.com/twofas) backup

- import of Google's migration QR codes

- local database is encrypted using AES256-GCM

  - key is derived using Argon2id with the following default parameters: 4 iterations, 128 MiB memory cost, 4 parallelism, 32 taglen. The first three parameters can be changed by the user.

  - decrypted file is never saved (and hopefully never swapped) to disk. While the app is running, the decrypted content resides in a "secure memory" buffer allocated by Gcrypt

## Testing

* Before each release, I run PVS Studio and Coverity in order to catch even more bugs.

* With every commit to master, OTPClient is compiled in CircleCI against different distros

## Protobuf

The protobuf files needed to decode Google's otpauth-migration qr codes have been generated with `protoc --c_out=src/ proto/google-migration.proto` 

## Wiki

For things like roadmap, screenshots, how to use OTPClient, etc, please have a look at the [project's wiki](https://github.com/paolostivanin/OTPClient/wiki). You'll find a lot of useful information there.

## Manual installation

If OTPClient hasn't been packaged for your distro ([check here](https://github.com/paolostivanin/OTPClient/wiki/Tested-OS-&-Packages#packages)) and your distro doesn't support Flatpak, then you'll have to manually compile and install OTPClient.

1. install all the needed libraries listed under [requirements](#requirements)

2. clone and install OTPClient:

```

git clone https://github.com/paolostivanin/OTPClient.git

cd OTPClient

mkdir build && cd build

cmake -DCMAKE_INSTALL_PREFIX=/usr ..

make

sudo make install

```

## License

This software is released under the GPLv3 license. Please have a look at the [LICENSE](LICENSE) file for more details.