OTP menu - bakkeby/dusk GitHub Wiki

If you have used the internet in the last ten years chances are that some website, or the company you work for, have forced you to enable 2FA (two-factor authentication) or MFA (multi-factor authentication) for security reasons.

Often the instructions will say that you need to use a specific mobile app for this.

In order to add the code to the mobile app you need to scan a QR code using the aforementioned mobile authenticator app. That page with the QR code will disappear once you have scanned the code and the authenticator have added the key.

But before you do that, try scanning that QR code using a generic QR reader. That should give a URL that passes a key argument that has a mix of uppercase letters A to Z and digits.

That is the secret key that acts as the seed for the algorithm that works out what the next 6 digit one-time password is.

This key can then be passed to the oathtool tool to generate the OTP password.

That is were the OTP menu comes in. It is a simple dmenu script to look these 6 digit OTP passwords on demand.

Let's say that your company has started using a software suite called worknight where you need to use MFA to log in. You have managed to get hold of the secret key using a generic QR reader or otherwise.

Below is a demonstration of how the OTP menu it is used.

The first time you run the script there will be no existing entries.

new.jpg

We enter a name for the secret key we want to store.

write_worknight.jpg

We press enter and then paste the secret key.

write_secret_key.jpg

Pressing enter again stores the key and we get a confirmation through a notification.

notification1.jpg

Now, the next time we run the script the name we entered will be an option.

worknight.jpg

Selecting that and pressing enter will show what the current OTP key is.

worknight_selected.jpg

Pressing enter again copies the key to the clipboard so that you can readily paste it in the input field to log in on the website.

We get a notification to that fact.

notification2.jpg

In practice the way I use this is that I start logging in and when it asks for the OPT key I open dmenu, type and run otp, select the corresponding key, double tap enter and hit ctrl+v to paste. This takes less time than it takes to unlock my phone.

I do not use a keybinding for this as it is not a tool that I need to use that frequently.

Note that keys can not be deleted via the script. This is intentional because these keys are typically complicated to come by, and you may not be able to find them again afterwards. If you need to delete something then do so manually in the otp.dat file stored in the same directory as the script.

Once you have got hold of a key you can still add to the authentication app on your mobile to have it there as well.

Setup

Dependencies:

  • dmenu
  • oathtool
  • notify-send
  • xclip

To set this up you will need:

  • otp.sh (optionally stored without the .sh extension)

Back to Other scripts and life hacks.

Concepts | Configuration | Features | Flags | Functionality | Functions

⚠️ **GitHub.com Fallback** ⚠️