twoken: generate One-Time-Passwords from stored token secrets

A command line application to generate One-Time-Passwords from token secrets stored in an external password store, like the Unix pass. twoken enables two-factor authentication when a mobile device or dedicated hardware token is unavailable or impractical.

WARNING While secrets are stored securely in a password store, using twoken may be less secure than traditional two-factor authentication using dedicated hardware.

Installation

Either install directly with cargo:

cargo install twoken

Or download a pre-compiled binary from the latest release.

Usage

Create a new token and store it in the password store:

twoken --new tokens/my-soft-key

Generate a One-Time-Password (will copy to the clipboard):

twoken tokens/my-soft-key

Generate a One-Time-Password and print it:

twoken --print tokens/my-soft-key

Available password storage backends

twoken currently supports pass, gopass, and plain file storage backends. These can be chosen with the --store argument.

Note: the plain file storage backend is insecure and should only be used for testing.