Can PyOTP be integrated with Duo?

[mave89]

Hi,

I can see that PyOTP integrates well with Google Authenticator and Authy. I have a use case where I want PyOTP to work with Duo but I haven't found any docs on that. So I wanted to ask the community about it. Any insights on this are much appreciated!

Best,

Faiz

[kislyuk]

Hello, thank you for your interest in PyOTP.

PyOTP does not directly support any specific authenticator applications. Instead, as noted in the PyOTP documentation, PyOTP supports open standards including TOTP, HOTP, and the OTP URI convention.

Please refer to the documentation of the app in question to check if it supports TOTP or HOTP.

[mcoirad]

For anyone wondering Duo supports HOTP but doesn't support using an authenticator solution other than their own apps. Funnily enough they allow people to use their app for other authentication systems but not vice-versa. Great business model. You'll have to find a way of getting the actual HOTP key from Duo somehow -- I have not yet gone through their app to see how it is getting the base32 string from the QR code they give you.

One workaround for stuff involving Duo (that is beyond the scope of this project) can be emulating a hardware security key (which Duo does support) using something like Virtual FIDO. Probably not great security wise but if all you care about is cracking Duo it is a convenient solution.