OTP - add support for google authenticator exported QRcode ? #127
Comments
|
This is a great suggestion! |
|
Hi, I'm glad to be useful ^_^. I used this https://github.com/dim13/otpauth but for command line conversion. |
|
Right, it appears to use protocol-buffers, which may not be something we can support immediately. More digging will be required. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This report/suggestion concerns the acquisition and decoding of the QR code containing the seed/secret for OTP.
I see that the standard format (encoded in the QR code) is recognised:
otpauth://totp/Example:[email protected]?secret=JBSWY3DPEHPK3PXP&issuer=Example
(this is an example, there is no sensitive data)
which you can also enter by hand as a text string (I tried it and it works)
However, it does not recognise the fairly widespread format used to export OTPs by applications such as google authenticator, which encodes a string in the QR code in the format
otpauth-migration://offline?data=CiMKCskCjMDVZlPV3OQSD015IFRlc3QgQWNjb3VudCABKAEwAhAB
(this is an example, there is no sensitive data)
The use case is an user exporting the OTP from "hot" and relatively unsafe google authenticator to a safer cold HW wallet as jade.
The text was updated successfully, but these errors were encountered: