pull down to refresh

My 2FA app that integrates pass password manager for the retrieval of seeds
32 sats \ 0 comments \ @denationalized 10 Apr 2024 security
Many 2FA apps require their users to leak their email or their phone number in order to use them. Worst still, some of them require their users to have a smartphone with a working Google Play store or Apple App store. I don't want to do that, that's why I wrote my own 2FA TOTP app. The version below is an improvement on what I published last time. Notably, it integrates pass for secure retrieval of seeds from an encrypted password store. Thus the dependencies of the app include pyotp, gpg, and pass. You would install them on Ubuntu with this one-liner: pip3 install pyotp && sudo apt install -y pass gpg
#!/usr/bin/env python3

#alias TOTP="~/CS/SoftwareDevelopment/MySoftware/Python/pyotp/totp_client_w_pass.py"

from subprocess import run
from time import sleep
from pyotp import TOTP
  

tuple_of_key_paths=("coinbase_totp_key, "tradeogre_totp_key")   
    
def main():
  k=return_key_w_pass(display_menu_of_key_paths(tuple_of_key_paths))
  display_current_code(k)
      
def display_menu_of_key_paths(tuple_of_key_paths):
  while True:
    print("Select a service:")
    for index, key in enumerate(tuple_of_key_paths, start=1):
      print(f"{index}. {key}")
    choice = input("Select the the service with a number of your choice or press Q to quit).\n")
    if choice.lower() == 'q':
      print("Exiting...");break
    try:
      index = int(choice)
      if 1 <= index <= len(tuple_of_key_paths):
        selected_path = tuple_of_key_paths[index - 1]
        return selected_path
      else:
        print("Invalid choice. Please enter a valid number.")
    except ValueError:print("Invalid input. Please enter a number or Q to quit.")

def display_current_code(key):
  totp = TOTP(key)
  while True:
    print(totp.now())
    sleep(5)

def return_key_w_pass(pth):
  k=run(f"pass {pth}", shell=True, capture_output=True, text=True)
  return k.stdout.strip()

  
if __name__ == "__main__":
  main()
This provisional app can be improved upon and you are more than welcome to do that. The code can be tweaked to provide more functionalities, such as support for QR codes. tuple_of_key_paths=("coinbase_totp_key", "tradeogre_totp_key") are paths in my .password-store, replace them with your own that correspond to the services that you use.
write
preview
related posts