Skip to content
Webapp allowing you to see your TOTP (two factors authentication) codes easily.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore
README.md
authenticator.png
bundle.js
favicon.ico
index.css
index.html
settings.js

README.md

Authenticator

What is it ?

It's a webapp allowing you to see your TOTP (two factors authentication) codes easily.

How does it work ?

Everything is done locally, with JS. No network necessary, and moreover, no network request done at all. You don't even need a webserver to use it on your computer. It's more or less secure.

How to use it ?

  • Download the repository however you like. As a zip works well.
  • Extract in your wanted folder.
  • Fill the settings.js with the secrets of your TOTP accounts, and their names.
  • Open index.html

To have the secrets, you either go to each site to ask for one, or if you have a rooted Android phone, with the Google Authenticator App, you can open the /data/data/com.google.android.apps.authenticator2/databases/databases file, which contains all the accounts with their secrets.

What is its purpose ?

It was kind of cumbersome to open the right app in my phone each time I wanted to log in, and my PC is only used by me, in my home (a desktop). So it was secure to have those codes on that machine. And doing it, I found out that it was perfect to use in a Vivaldi web panel.

How was it build ?

This project was hacked together in a couple of days, copy/pasting a lot of code. So I have a lot of acknowledgments to do.

What not to do with this ?

  • Don't host it on an Internet accessible page.
  • Don't use it on a laptop : if someone steal this, or you lose it, they will have your passwords, and your 2 factors auth codes too.
  • Don't use it on a multi-users computer. And I'm not a security expert, so, be very, very, very careful with it.

What is the licence ?

My work is published under the WTFPL. Beware that it covers only my work, and I didn't double check the licences of the other stuff I used.

Is it secure ?

It doesn't do any network request (beyond loading, of course). So I won't stole your codes that way. Beyond that, I'm not a security expert. Please be careful with your secrets. I'm not responsible for anything bad that could happen. This project is provided as-is.

You can’t perform that action at this time.