A command-line tool for managing two-factor authentication (2FA) TOTP codes.
Project description
TFA CLI Tool
A command-line tool for managing two-factor authentication (2FA) TOTP codes.
Why did I build this?
- I wanted to understand how TOTP codes work. I don't like trusting access to my accounts to a black box which I don't understand.
- I don't keep my phone with me all the time.
- I'm worried about losing access to my accounts if I lose my phone.
I feel far more comfortable with TOTP codes now!
Should you use this?
Maybe? This probably isn't best practice for two factor authentication codes. The default assumption is that phones have better security than computers. Depending on how you manage passwords, and access to your e-mail someone with access to your computer probably has the ability to access your accounts.
The secret database is not encrypted. It a simple json file that gets rewritten on every modification. It might lose your secrets. You should keep backups, and probably use the qr code feature to add accounts an authenticator app.
I'm also not a security expert. I'm just a programmer who wanted to understand TOTP. Maybe you should use a standard tool instead.
Use at your own risk.
Installation
pip install tfa
There is no default location for the database because the point is to make secret management less opaque than typical authentication apps. Set a preferred location in your shell configuration.
export TFA_STORAGE_PATH=~/.config/tfa/accounts.json
The secrets are stored in a simple json file with no encryption.
Usage
Add a new account
tfa add <account_name> <secret_key>
# With custom issuer name
tfa add <account_name> <secret_key> --issuer "Custom Name"
# Force overwrite existing account
tfa add <account_name> <secret_key> -f
Get TOTP code
tfa code <account_name>
List accounts
tfa list
Remove account
tfa remove <account_name>
Generate QR Code
Generate a QR code to scan with other authenticator apps:
tfa qr <account_name>
Examples
# Add a new GitHub account
tfa add github JBSWY3DPEHPK3PXP --issuer "GitHub"
# Get current code
tfa code github
# Output: GitHub: 123456
# List all accounts
tfa list
# Output: github
# Generate QR code
tfa qr github
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tfa-0.2.1.tar.gz.
File metadata
- Download URL: tfa-0.2.1.tar.gz
- Upload date:
- Size: 5.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.0 CPython/3.10.0 Linux/5.15.0-131-generic
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8026184c314596d9565a55d4d94aa099d035930a4f50bf8761b1eb27b7d8930c
|
|
| MD5 |
7d7ad6ea3f19ec2e69c1add7d43fb9a2
|
|
| BLAKE2b-256 |
c9d2693e6a408e449c877b2096dd237bbf4d534f9a884f173a0f2fbbddbae85e
|
File details
Details for the file tfa-0.2.1-py3-none-any.whl.
File metadata
- Download URL: tfa-0.2.1-py3-none-any.whl
- Upload date:
- Size: 6.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.0 CPython/3.10.0 Linux/5.15.0-131-generic
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
40f911f5165257acf8b20bad54b4e0c1a453bcb5731207ea609da981b093131c
|
|
| MD5 |
956ff3ca90e62ad33f46c66a068ec83e
|
|
| BLAKE2b-256 |
ab9f1bd24fa4efa8a893e34f23a6ee1f72dbbfb98d54857b8f34c9abff978142
|
