Skip to content
Garmin ConnectIQ Widget for One Time Passwords (HOTP / TOTP / Steam Guard)
Makefile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
resources Remove draft property Oct 23, 2018
src Remove draft property Oct 23, 2018
test Add provider serialization and parsing Mar 17, 2018
.gitignore TextInput application as initial test Aug 12, 2017
CHANGELOG.md Update changelog Oct 23, 2018
LICENSE Initial commit Aug 12, 2017
Makefile Makefile and resource changes Mar 17, 2018
README.md Update README Oct 23, 2018
manifest.xml Makefile and resource changes Mar 17, 2018
monkey.jungle

README.md

garmin-otp-authenticator

Garmin ConnectIQ Widget for One-Time Passwords as Second Factor Authentication (2FA) similar to Google Authenticator. Multiple OTP formats are supported.

Keys can be entered directly and are stored encrypted using Garmin's application storage. This way, the secret keys will never leave your device and can provide a truly secure second factor!

Less secure, but more convenient: key data can be also added, exported and imported via widget settings.

Garmin ConnectIQ Store Link

Features

  • Timed One-Time Passwords (TOTP) with 30 sec interval and 6 digit codes (not configurable)
  • Counter-based One-Time Passwords (HOTP) with 6 digit codes (not configurable)
  • Steam Guard compatible One-Time Passwords
  • Standalone, offline and no companion Smartphone App required
  • Direct input of a name and base32 key
  • Encrypted storage of keys, can be backed up and restored
  • Add provider entries via settings
  • Import/export entries via settings

Planned features

  • Edit name, key and code type
  • Choosable interval and code length for Time-based
  • Better touch UX on text input - scroll momentum
  • Other UI/UX improvements - feedback welcome!
  • Other device support - low priority / on demand

Backup / Restore

Keys are stored encrypted using Garmin's application storage on the Device. The keys will stay in this form on the device after de-/re-installing the App manually or via Connect IQ Store. Unfortunately, the application storage ist not retained between different versions of the same app!

To overcome this, an import/export mechanism was added to the app settings.

Export keys

To export keys from the encrypted application storage, open the menu in the "OTP Authenticator" widget (currently by touching the screen). When selecting "Export", all provider entries are copied into application properties *until next start. You can access the exported data in the Settings of the widget.

IMPORTANT Secrets are available unencrypted in settings after exporting until the next start. Make sure you backup the exported data in a secure way, e.g. in your password manager with encrypted storage.

Import keys

Using the same approach as above, previously exported key data can be imported again via the Widget settings. On every widget start, all available data is loaded and cleared from the corresponding settings entry.

License

The source code for garmin-otp-authenticator is released under the Mozilla Public License Version 2.0.

Launcher icon made by Roundicons from www.flaticon.com is licensed by Creative Commns BY 3.0.

You can’t perform that action at this time.