Open Peronia opened 7 months ago
oplik0
commented
7 months ago From my understanding Steam TOTP is just a standard HMAC-SHA-1 based TOTP, so it should already be supported. The issue is that Steam doesn't expose the actual TOTP secret to the user. There seem to be some API wrappers that allow you to recover it, but I haven't used them and would consider such a wrapper here (and as such adding a whole Steam login flow) to be quite far outside of the scope of this app.
Peronia
commented
7 months ago Well, I tried this and it does not work. There are methods to get the key. I added it into Bitwarden and it works fine. Of course the whole login flow is oversized. Yubikey works fine too.
oplik0
commented
7 months ago Did you set the number of digits to 5 in the advanced section when adding the TOTP secret? As far as I can tell this should be the only difference.
Peronia
commented
7 months ago Here is a screenshot of the advanced section:
As an example I got this TOTP: 12123 Bitdefender shows this (both have the same secret, I must add a steam// in Bitdefender so they know that is steam): AB1AB. The chars and numbers are random, for the Steam Bitwarden TOTP can be 123AB too and so on.
oplik0
commented
7 months ago I'll have to look more into how e.g. Bitwarden implements this and probably need to export a secret myself then...
Hi, Steam uses his own variant of a TOTP, a 5 digit code with letters in it. Does solo v2 support this? If yes, can you add it to the advanced section?