
Use oathtool Linux command line for 2 step verification (2FA) - war1025
https://www.cyberciti.biz/faq/use-oathtool-linux-command-line-for-2-step-verification-2fa/
======
war1025
I've been very resistant to set up two factor authentication since I often
don't have my phone with me and dislike having to wait for sms codes.

The other day I was forced to enable 2fa for one of my bank accounts, which
led me on a journey to find if I could generate these codes from my computer.

Turns out it's just a standardized algorithm that combines an initial token
with the current time. That means you don't need a special app from Google or
whoever else.

There is a small utility `oathtool` [1] that you can use from the command line
to generate the correct code using the form: `oathtool -b --totp "<secret
token>"`

From there, I integrated that into pass [2] using an extension to generate the
codes as needed.

There is actually an existing extension [3] for otp codes in pass, but I just
wrote a much simpler one line script that just pulls the token out of pass,
runs it through oathtool, and copies it to the clipboard.

Anyway, I thought this was really neat and wanted to share.

[1] [https://www.nongnu.org/oath-toolkit/](https://www.nongnu.org/oath-
toolkit/)

[2] [https://www.passwordstore.org/](https://www.passwordstore.org/)

[3] [https://github.com/tadfisher/pass-
otp#readme](https://github.com/tadfisher/pass-otp#readme)

