Fork of the Tray TOTP Plugin for KeePass2.
Most of consumer TOTPs use the RFC6238 output style, sadly some companies (eg.: Valve) decided not to adhere to the standard and instead build their own format.
In the case of Steam Mobile Authenticator the new output format was reverse engineered by various developers, and alternatives to it started popping up, most do pretty good job and can by themselves recover the TOTP secret (which is no easy task given Valve's implementation).
This plugin is for those who already use Tray TOTP Plugin, but also want to use with Valve's Steam.
- Keepass 2.31
- .NET 3.5 or superior
So, why do this?
Variou reasons, first and most important: I don't want to use another application only for steam! KeePass and Tray TOTP (with some modifications) are more than capable enough to handle this task.
Second: for education, working with another developer's code , specially in a language you're not familiar with, its a difficult task but not uncommon situation.
Third: I wanted only to make a slightly modification, then I needed to make a new setting options, change the way plugin generate in order ta add another step, some rewriting later, too much was changed for simply patch, so I decided to create my own fork and made more changes
Steam TOTP Secret?!
There is no easy way to get it, there are various complications. Since Steam doesn't setup like most services (using QR Codes), the easiest way is to have through a rooted android phone.
Another way would be using totp generators that support Steam like Windows Authenticator and Steam Desktop Authenticator, as far as I know, they emulate the mobile app API calls in order to generate a new TOTP Secret, one could use them to obtain the secret (never tried though), also this have the drawback of disabling the mobile app.
Then open the file manager and navigate to the
/data/data/com.valvesoftware.android.steam.community/files/ directory (requires root access). You will find a file named
Steamguard-[your Steam ID] there, open it as a text file.
Inside the file look for the following text:
otpauth:\/\/totp\/Steam:[your Steam login]?secret=[TOTP secret]&issuer=Steam.
Copy the value of
[TOTP secret] info the TOTP Seed field of the TOTP Setup Wizard.
TODO: Tutorial how to get Steam TOTP secret other ways
My first objective is complete: I made a working prototype. But I'm not happy with the code, I want to rebuild this thing from the ground if needed, I'm by no means criticizing the original work, but it's little complex for me and rebuilding it may help to better understanding it. Also I'm open to suggestion, issues, new features, etc.
English isn't my native language, so please excuse any mistakes.