Question

5

Generating TOTP for 2FA directly from the computer (no mobile device)

rated 0 times [ 5] [ 0] / answers: 1 / hits: 1064 / 2 Years ago, sat, may 14, 2022, 4:25:24

On Ubuntu 22.04.2, I would be glad to ear about a native and secure way to generate TOTP codes for using in any given application which needs 2FA.

Do you know an open-source way of doing that directly on an Ubuntu computer?

All tutorial I can find are based on the "mobile app" way (e.g. using Google Authenticator), which I cannot use because I don't have any other mobile device than a laptop.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

imonove

Add To Favorites

Follow

Total Points: 82

Total Questions: 113

Total Answers: 106

Location: Saint Vincent and the Grenadines

Member since Wed, Nov 3, 2021

3 Years ago

imonove questions

1 Python, problem reading lines in open file using "open('file_name.txt', 'r')"

Tue, Oct 26, 21, 11:24, 3 Years ago

1 How to create a CLI alias for a web search with W3M?

Sat, Apr 16, 22, 22:32, 2 Years ago

1 What is the terminal command to stop a running snap package program?

Sat, Jun 18, 22, 11:39, 2 Years ago

1 How to allow another user in a group to read a file

Sat, Jul 16, 22, 11:18, 2 Years ago

1 GNU/Linux Ubuntu 20.04.1 - linux-image-5.4.0-56-generic - linux-headers-5.4.0-56-generic breaks AMDGPU drivers

Thu, Feb 10, 22, 07:43, 2 Years ago

View All

answered 2 Years ago amelican · Accepted Answer

KeepassXC

This is a Linux native open-source password manager available from the Ubuntu repository. there is also a PPA if you want the latest.

Install keepassXC either from the Ubuntu store or from the terminal. Open a terminal and enter:

sudo apt install keepassxc

Once installed you have to create a database to keep the passwords.

Then you have to create a new entry with the username and password.
It does not allow creating TOPT at this step.

Finally, once you select the newly created entry (username and
password) you can use the menu on top and select Entries >
TOTP... > Set up TOTP.

Security

KeepassXC database is password protected by default. That is, to use a password (and TOTP) stored in the database, you have to open the KeepassXC app and enter a password to open the database. Optionally you may use a file (stored in an USB drive) for additional security in addition to the password. That is, if the specific file is not there in the USB drove or if the specific USB drive is not plugged in, no one can open the KeepassXC database and access the TOTPs or passwords.

Caveat

You may have to begin the set up of TOTP again at the web pages that offer 2FA of this kind. For example, you may have to momentarily disable 2FA in your Google account, and set it up again to get a new QR code. Most web pages do not show the secret key or the corresponding QR code once the 2FA is setup. If you currently use an authentication app on the phone, the TOTP numbers generated by that app would become obsolete if you do the 2FA setup in the web page again.

On the plus side, KeeppassXC can generate the QR codes for each TOTP once it is set up. That is, you can scan the QR code generated by KeepassXC using your phone's authentication app to update it.

Browser Extensions

You may want to use the Chrome or Firefox extension for KeepassXC. This allows you to copy and paste userID, password, and TOTP (if available) with a couple of clicks.

Authy

Authy is another authentication app for mobiles, tablets, and desktops. there is even a Snap version of it.

Unlike KeeppassXC, Authy does not manage passwords. It is only for generating TOTP. On the plus side, if you use Authy on your mobile or tablet, you can keep your TOTP synced between all the devices including the desktop. You have to create an Authy account to keep the Authy apps in every device in sync.

Hope this helps