halo
commented
9 years ago Is it possible at all? As in "should it work"?
- [ ] yes
- [ ] no
Thank you for your time.
Closed halo closed 9 years ago
halo
commented
9 years ago Is it possible at all? As in "should it work"?
Thank you for your time.
vbatts
commented
9 years ago So sorry I have missed this question!
This Is largely a PoC. The trick is in the constraints of salt creation. The OTP server I interact with not allow the types of salts in its manual creation. So I have yet to be able to validate this tool against it. (LinOTP)
First of all, thanks for implementing this :)
I might be mistaken, but should I not be able to use this tool as a replacement for the Google Authenticator iPhone app?
Say, I want to enable TFA for some webservice (e.g. Github etc.). Usually I'd scan the resulting QR code with Google Authenticator and have my codes rolling. Instead, I decode the QR code and get something like this:
otpauth://totp/SomeService:someuser@example.com?secret=abcdef&ussier=SomeIssueris it possible, then, to have go-google-authenticator generate the same token as Google Authenticator on the iPhone does?
I tried passing in the secret as salt along with some variations of intervals (should be 60 I guess) but I couldn't manage to have your tool produce the same codes.
Am I missing something crucial? :)