search

strongbox-password-safe / Strongbox

A KeePass/Password Safe Client for iOS and OS X
https://strongboxsafe.com
GNU Affero General Public License v3.0
1.33k stars 102 forks source link

Please add support for yandex OTP #539

Open TonyInTokyo opened 3 years ago

TonyInTokyo commented 3 years ago

Recently, keepass plugin KeePassOTP added the support for yandex OTP. Is it possible that strongbox adds the same feature? FYR https://github.com/Rookiestyle/KeePassOTP/releases

strongbox-mark commented 3 years ago

Thanks @TonyInTokyo - will investigate.

TonyInTokyo commented 1 year ago

Any update on this? FYR https://github.com/Rookiestyle/KeePassOTP/tree/master/src/Yandex

strongbox-mark commented 1 year ago

Hi @TonyInTokyo - I'm afraid I haven't had a minute to look in to this. Do you by any chance have any documentation on this format?

TonyInTokyo commented 1 year ago

@strongbox-mark Thanks for your prompt reply. Yandex is not using a public algorithm to generate the 2FA Codes. But the following projects implemented it anyway. Perhaps you can reference to them. https://github.com/norblik/KeeYaOtp https://github.com/Rookiestyle/KeePassOTP/tree/master/src/Yandex But I fully understand if you decide not to add non-standard/non-public things. In that case, you may close the ticket. Thank you.

strongbox-mark commented 1 year ago

Thanks @TonyInTokyo - Do you have any sample URLs or QR Codes for testing purposes? It might be an easy one... How are these encoded in regular KeePass entries? Is it an OTPAuth URL?

TonyInTokyo commented 1 year ago

@strongbox-mark Hope the following information can help you. Field name in KeePass entrie: otp URL Format: otpauth://totp/Yandex.Mail:user?secret={SECRET}&digits=8&issuer=Yandex.Mail&yandexpin={YANDEXPIN}&encoder=yandex {SECRET}: 42 characters {YANDEXPIN}: 16 digits Generated result: 8 characters Use encoder=yandex to recognize

example: URL: otpauth://totp/Yandex.Mail:sampleuser?secret=QTBUC809YM5AZSQ2RD5P2L2RBWCCAAAAKRB6CRHY35&digits=8&issuer=Yandex.Mail&yandexpin=9587561238785123&encoder=yandex

Generated Result: qiecuklm

strongbox-mark commented 1 year ago

Hi @TonyInTokyo - Just had a quick look at this, it looks feasible but a quick attempt proved a little tricky, so I'll need to setup some codes for myself so that I can verify... Do you have a set of steps I could use to generate these codes myself and to see the URL and QR Codes? Do I need to setup a Yandex account? Install any apps?

TonyInTokyo commented 1 year ago

@strongbox-mark I think you'll need a yandex account. No apps needed.

  1. Register an account here: https://mail.yandex.com/
  2. Enable 2-factor authentication here: https://id.yandex.com/security/enter-methods

Please refer to the "I'm using Yandex Key version 3.0 and lower" part of the help page: https://yandex.com/support/id/authorization/twofa-on.html