25 releases (14 stable)
1.5.0 | Mar 12, 2024 |
---|---|
1.3.0 | Oct 10, 2023 |
1.2.5 | May 23, 2023 |
1.2.3 | Feb 28, 2023 |
0.1.7 | Feb 21, 2021 |
#20 in Authentication
340 downloads per month
135KB
3K
SLoC
cotp - command line TOTP/HOTP authenticator
I believe that security is of paramount importance, especially in this digital world. I created cotp because I needed a minimalist, secure, desktop accessible software to manage my two-factor authentication codes.
Overview
Interface
cotp is written with simplicity in mind, the interface is quite minimalist and intuitive as command line apps should be.
If you are familiar with the command line interface using cotp will not be a problem. Just type cotp
to enter the TUI
dashboard. Type i
to get some instruction. Otherwise just enter cotp --help
.
In the first run you will be prompted to insert a password to initialize the database.
Encryption
This program relies on only one database file encrypted with XChaCha20Poly1305 authenticated encryption and Argon2id for key derivation.
It also uses AES-GCM to import from encrypted Aegis backups.
Compatibility
cotp can generate both TOTP and HOTP codes, compliant with rfc6238 and rfc4226 specifications. Also, it is possible to customize settings like HMAC algorithm and digits, to provide compatibility to other two-factor authentication systems.
Latest releases also include support for Steam, Yandex, MOTP codes and code copying from SSH Remote Shell.
Cross Plaform
cotp should be easily compiled on the most used platform, but it is mostly tested on Linux and Windows.
Install
Arch Linux and arch-based distributions
Arch Linux has an official package in the [extra] repository:
pacman -S cotp
Additionally if you wish to compile and run the Git HEAD version instead of the current stable release,
an AUR package cotp-git can be installed using the
usual instructions
or your favorite AUR helper like paru (paru -S cotp-git
).
Other linux distributions and *nix
Before beginning check that you have the required build dependencies to use the rust compiler.
You need to install the libxcb-devel dependency, needed for clipboard coping in X11:
- Debian based:
sudo apt install libxcb1-dev libx11-dev libxcb-shape0-dev libxcb-xfixes0-dev libxkbcommon-dev
- Fedora / RHEL based:
sudo dnf install libX11-devel
- Void Linux
sudo xbps-install -S libxcb-devel
Windows
Windows installation/compilation is supported with both of toolchains.
If you want to use x86_64-pc-windows-msvc
you will need to install
the Visual C++ 2019 Build Tools
Once you have the rust toolchain installed just run cargo install cotp
.
Use the crates.io repository
Just type cargo install cotp
and wait for the installation.
Clone the GitHub repository and manually install
You can build cotp using these commands:
git clone https://github.com/replydev/cotp.git
cargo install --path cotp/
Migration from other apps
cotp supports TOTP codes migration from various apps. Some needs to be converted using simple python script you can find listed in the table below.
App | How to fetch backup | Needs conversion | cotp argument |
---|---|---|---|
andOTP | Make a backup using the app itself. | No | --andotp |
Aegis | Make a backup using the app itself. | No | --aegis |
Aegis (encrypted) | Make an encrypted backup using the app itself. | No | --aegis-encrypted |
Authy | Obtain /data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml from your phone. |
Yes | --authy |
Authy (2nd method) | Follow this guide: https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93. | No | --authy-exported |
cotp | Export your database using cotp export . |
No | --cotp |
FreeOTP | Obtain /data/data/org.fedorahosted.freeotp/shared_prefs/tokens.xml from your phone. |
Yes | --freeotp |
FreeOTP+ | Make a backup using the app itself. | No | --freeotp-plus |
Google Authenticator | Obtain /data/data/com.google.android.apps.authenticator2/databases/databases from your phone |
Yes | --google-authenticator |
Microsoft Authenticator | Obtain /data/data/com.azure.authenticator/databases/PhoneFactor from your phone. Take also PhoneFactor-wal , PhoneFactor-shm if they exist in the same folder. |
Yes | --microsoft-authenticator |
OTP URI list | Create a JSON file which contains a items property. It will contains a string array where each element is an OTP URI. | No | --otp-uri |
How to convert
Once you got the correct files run the right python script located in the converters/ folder in this source code.
Example:
python authy.py path/to/database.xml converted.json
It will convert the database in a json format readable by cotp.
To terminate the import:
cotp import --authy --path path/to/converted_database.json
Planned features
Currently, there is not any planned feature. If you need something new that could improve the software feel free to open an issue.
Contribution
I created this project for my own needs, but I would be happy if this little program is useful to someone else, and I gratefully accept any pull requests.
Dependencies
~23–36MB
~406K SLoC