Lightweight, offline, independent TOTP 2FA manager for Linux.
No cloud, no phone required. Store your secrets locally, generate codes, create encrypted backups, and sync with Google Authenticator via QR codes.
By using this software, you agree to the full disclaimer terms.
Summary: Software provided "AS IS" without warranty. You assume all risks.
Full legal disclaimer: See DISCLAIMER.md
# Arch Linux
sudo pacman -S oath-toolkit gnupg qrencode python
# Debian/Ubuntu
sudo apt install oathtool gpg qrencode python3
# Fedora/RHEL
sudo dnf install oathtool gnupg2 qrencode python3-
Get the script from repository:
cd ~ git clone https://github.com/smartlegionlab/smart-2fa-manager-python-cli.git cd smart-2fa-manager-python-cli
Or download directly:
wget https://raw.githubusercontent.com/smartlegionlab/smart-2fa-manager-python-cli/main/2fa.py
-
Install:
chmod +x 2fa.py sudo cp 2fa.py /usr/local/bin/2fa.py
Important! This command
2fa.sh initshould only be run on first launch!!! If you already have a .2FA folder created earlier that already stores your services, initialization is not required; you can start using the application immediately. Run only if you don't have a~/.2fafolder and haven't previously initialized using other similar applications or added services!Now you can use:
2fa.py init
# Important! This command `2fa.sh init` should only be run on first launch!!! If you already have a .2FA folder created earlier that already stores your services, initialization is not required; you can start using the application immediately.
# Run only if you don't have a `~/.2fa` folder and haven't previously initialized using other similar applications or added services!
# Initialize storage (creates encrypted ~/.2fa/secrets.gpg)
2fa.py init
# Add a service (secret from website QR code)
2fa.py add github JBSWY3DPEHPK3PXP
# Get TOTP code (auto-copies to clipboard)
2fa.py get github
# Show all services with current codes
2fa.py show-all
# Export QR code to phone (Google Authenticator / Aegis)
2fa.py qr github
# Create encrypted backup (saved to ~/.2fa/backups/)
2fa.py backup
# Restore from backup
2fa.py restore ~/.2fa/backups/secrets.2026-04-06.gpg
# Show version
2fa.py version
# Show author and repository info
2fa.py about| Command | Description |
|---|---|
init |
Create encrypted storage |
add <service> <secret> |
Add a new service |
get <service> |
Generate TOTP code (copies to clipboard) |
list |
List all service names |
show-all |
List all services with current codes |
del <service> |
Delete a service |
show |
Show all secrets in plain text ( |
qr <service> |
Show QR code to scan with phone |
backup |
Create encrypted backup with timestamp |
restore <file> |
Restore from encrypted backup |
about |
Show author, repository and license info |
version |
Show version number |
help |
Show help message |
~/.2fa/
├── secrets.gpg # Encrypted master storage
└── backups/
└── secrets.2026-04-06_14-30-00.gpg
- Secrets are stored locally in
~/.2fa/secrets.gpg(AES-256 encrypted with GPG) - No internet connection required - codes generated locally using
oathtool - Backups are encrypted with the same password
- QR codes let you import secrets into Google Authenticator / Aegis
- Lost your phone? Just re-scan QR codes from your Linux machine
- Your GPG password is never stored
- Backup files are encrypted with the same password
2fa.py showdisplays all secrets in plain text - use in secure environment only- Keep backups in a safe place (encrypted USB drive, offline storage)
- Author: @smartlegionlab
- Repository: smartlegionlab/smart-2fa-manager-python-cli
- Bash version: smartlegionlab/smart-2fa-manager-bash
- Python GUI version: smartlegionlab/smart-2fa-manager-python-gui
- License: BSD 3-Clause