alexzorin / authy

Go library and program to access your Authy TOTP secrets.
MIT License
800 stars, 57 forks

Doesn't work with SendGrid #15

Closed: tresf closed 3 years ago

tresf commented 3 years ago

First, thanks for this library, it's great. I've tried a few techniques, but having a CLI method that exports the QR to UTF8 in console was very cool, thanks!

Unfortunately, I tried to use this technique with a Twilio service, "SendGrid" and it doesn't work.

Has anyone successfully gotten this library to work with SendGrid?

alexzorin commented 3 years ago

Hi Tres,

I tried Sendgrid out just now, and it works okay for me. I was able to login to SendGrid with the 7 digit code:

  1. exported from authy-export, then
  2. imported into the iOS app "OTP Auth" via QR code.

(FWIW I don't know if "Google Authenticator" supports 7 digit codes, but any app that does, should work).

You will notice that the 7 digit code is not the same one that your Authy app generates and has a different period, but it will still be valid and will still work for login. The reason for the code being different is explained in the part of the README titled:

"My Twitch (or other site) token is different to the one I see in the Authy app?"

tresf commented 3 years ago

Hi, thanks, I read the part about the code mismatch. Does your QR work with Authy itself? Perhaps my issue is related to not having a proper OTP application, but I assumed Authy could handle its own QR codes.

I will retry with OTP Auth, thanks kindly for testing.

tresf commented 3 years ago

> I will retry with OTP Auth, thanks kindly for testing.

OTP Auth is not free to try so I won't be using it for testing. I tested again with Authy by generating and importing the QR and the 7 digit code it creates does not work with SendGrid. I will attempt to find another app which is free to try.

alexzorin commented 3 years ago

Yes, I tried importing it back into Authy and it seems to generate the wrong code.

I then tried importing to Google Authenticator, which worked just fine. It generates an identical code to OTP Auth and allowed me to login to Sendgrid.

tresf commented 3 years ago

I tested OTP Manager from the App Store and it generates the same code as Authy did with the imported QR. I'll document my exact steps.

  1. Install Homebrew

  2. Install Go

    brew install go

  3. Install authy-export

    go get github.com/alexzorin/authy/cmd/authy-export

  4. Run authy-export

    go/bin/authy-export

  5. It asks for country code and phone number

  6. I confirm on my Authy app to allow Unknown device

  7. It asks for backup password, I just hit Enter

  8. I receive an otpauth:// url, but it needs to be saved, then encoded

  9. Save url into file

    # example
    echo "otpauth://totp/SendGrid?digits=7&period=10&secret=AAAAAAAAAAAAAAAAAAAAAAAAAA" > tokens

  10. I install urlencode

    brew install urlencode

  11. I use provided bash script to export to UTF8/Terminal

    #!/usr/bin/env bash
    # Render each otpauth:// URI in the "tokens" file as a QR code in the terminal.
    cat tokens | while IFS= read -r line; do
      clear
      echo -n "$line" | qrencode -t UTF8
      # Prompt on the terminal, because stdin of the loop is the tokens file.
      read -p $"Press any key to continue" key < /dev/tty
    done

  12. Copy / paste above script to vi qr.sh, make executable chmod +x qr.sh

  13. Call ./qr.sh, a QR code is shown on the Terminal

  14. Open Authy, import new QR code, it works. 7-digit code is generated, doesn't work with SendGrid.

tresf commented 3 years ago

> Google Authenticator

Ok, I'll test again. Last I tried Google Authenticator it was always a 6-digit code and it would not work.

tresf commented 3 years ago

> Google Authenticator

> Ok, I'll test again. Last I tried Google Authenticator it was always a 6-digit code and it would not work.

Google Authenticator will not generate a 7-digit code with this QR (nor any others I've tried). Also, the 6-digit code that it generates is not working.

alexzorin commented 3 years ago

I don't see how it can generate a 6-digit code. What happens when you import this:

    otpauth://totp/Fake?digits=7&period=10&secret=X5BZX5Y3QKICPBFHTP2EKAWQHE

tresf commented 3 years ago

> otpauth://totp/Fake?digits=7&period=10&secret=X5BZX5Y3QKICPBFHTP2EKAWQHE

Google Authenticator (Android / Pixel 4)

[image]

alexzorin commented 3 years ago

This is what I get on Google Authenticator (iOS) for that URI:

[image]

and the QR code for completeness' sake:

[image]

tresf commented 3 years ago

Hmm... I have same barcode, but not the same 7-digit code.

[image: qr]

alexzorin commented 3 years ago

Ah. I downloaded Google Authenticator on an Android tablet, and I get the 6 digits as well. It looks like the Google Authenticator Android app does not support 7-digit codes. Indeed on the Google wiki it says as much:

> Currently, on Android and Blackberry the digits parameter is ignored by the Google Authenticator implementation.

Lame (and weird, so the iOS version is just a totally different codebase?).

I tried "FreeOTP+" off the Play Store, and it works fine.

So, TIL:

  1. Importing the URI back into Authy causes the wrong code to be generated (cause unknown).
  2. Google Authenticator on Android only supports 6 digit codes.

tresf commented 3 years ago

Thank you very much for the hard work. It makes much more sense that the issue is related to the apps I'm using. I can confirm that FreeOTP+ works.

lochstar commented 3 months ago

Just in case someone else is having difficulties, you can use oathtool as follows:

    oathtool --totp --digits 7 -s 10 -b YOURKEYHERE
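
Added example, not part of the thread and not code from the authy project: an RFC 6238 TOTP in Go that reads `digits` and `period` from an otpauth:// URI, and also shows what an app that ignores `digits` displays, which is only the last six digits of the seven-digit code. `ParseURI` and `TOTP` are names made up for this example, and HMAC-SHA1 is assumed because the URIs in the thread name no algorithm.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"math"
	"net/url"
	"strconv"
	"time"
)

// TOTP returns the RFC 6238 code (HMAC-SHA1) for a Unix timestamp.
func TOTP(secret []byte, unix, period int64, digits int) string {
	var ctr [8]byte
	binary.BigEndian.PutUint64(ctr[:], uint64(unix/period)) // time-step counter
	mac := hmac.New(sha1.New, secret)
	mac.Write(ctr[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation offset
	v := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%0*d", digits, v%uint32(math.Pow10(digits)))
}

// ParseURI reads secret, period and digits from a URI that states all three, as the thread's URIs do.
func ParseURI(uri string) ([]byte, int64, int, error) {
	u, err := url.Parse(uri)
	if err != nil || u.Scheme != "otpauth" || u.Host != "totp" {
		return nil, 0, 0, fmt.Errorf("not an otpauth://totp URI")
	}
	q := u.Query()
	secret, e0 := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(q.Get("secret"))
	digits, e1 := strconv.Atoi(q.Get("digits"))
	period, e2 := strconv.ParseInt(q.Get("period"), 10, 64)
	if e0 != nil || e1 != nil || e2 != nil || digits < 6 || digits > 9 || period <= 0 {
		return nil, 0, 0, fmt.Errorf("bad secret, digits or period")
	}
	return secret, period, digits, nil
}

func main() { // uses the "Fake" URI posted in the thread
	secret, period, digits, err := ParseURI("otpauth://totp/Fake?digits=7&period=10&secret=X5BZX5Y3QKICPBFHTP2EKAWQHE")
	if err != nil {
		panic(err)
	}
	now := time.Now().Unix()
	fmt.Println("digits honoured:", TOTP(secret, now, period, digits), "| digits ignored:", TOTP(secret, now, period, 6))
}
```

Comparing the first output with `oathtool --totp --digits 7 -s 10 -b` on the same secret is a quick way to tell whether a mismatch comes from the exported secret or from the authenticator app.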