Repository files navigation

I believe that security is of paramount importance, especially in this digital world. I created cotp because I needed aminimalist, secure, desktop accessible software to manage my two-factor authentication codes.

Typei to get some instruction. Otherwise just entercotp --help.In the first run you will be prompted to insert a password to initialize the database.

# Display all the OTP codes in the interactive dashboardcotp# select any code with arrow keys, press enter to copy into the clipboard, even in an SSH remote shell# Add a new TOTP code from a BASE32 secret keycotp add --label myaccount@gmail.com --issuer Google# Add a new HOTP code with custom algorithm, digits and countercotp add --label example --type hotp --algorithm SHA256 --digits 8 --counter 10# Edit the digits of the 4th OTP codecotp edit --index 4 --digits 8# List all the codes in JSON format passing password through stdinecho"mysecretpassword"| cotp --password-stdin list --json# Extract the first matching OTP code with "google" issuer and copy it into the clipboardcotp extract --issuer google --copy-clipboard# Import an encrypted Aegis Database backupcotp import --path my_db.json --aegis-encrypted# Export the cotp databasecotpexport

cotp can generate bothTOTP andHOTP codes, compliant withrfc6238 andrfc4226 specifications. Also, it is possible to customize settings likeHMAC algorithm anddigits, to provide compatibility to other two-factor authentication systems.

Latest releases also include support forSteam,Yandex,MOTP codes.

This program relies on only one database file encryptedwithXChaCha20Poly1305 authenticated encryptionandArgon2id for key derivation.

It also usesAES-GCM to import from encrypted Aegis backups.

cotp should be easily compiled on the most used platforms, but it is mostly tested on Linux, Windows and macOS.

cotp is distributed in some of the mayor Linux distro repositories. Please check the repology badge at the top to know if your distribution already provides a package.I will try to push to more repositories over time.

Otherwise you have other options as explained in the next paragraph.

Before beginning check that you have the required build dependencies to use the rust compiler.

You need to install thelibxcb-devel dependency, needed for clipboard coping in X11:

• Debian based:sudo apt install libxcb1-dev libx11-dev libxcb-shape0-dev libxcb-xfixes0-dev libxkbcommon-dev xclip
• Fedora / RHEL based:sudo dnf install libX11-devel
• Void Linuxsudo xbps-install -S libxcb-devel

brew install cotp

Building is supported with bothx86_64-pc-windows-gnu andx86_64-pc-windows-msvc toolchains.

If you want to usex86_64-pc-windows-msvc you will need to installtheVisual C++ 2019 Build Tools

Once you have the rust toolchain installed just runcargo install cotp.

Just typecargo install cotp and wait for the installation.

You can build cotp using these commands:

git clone https://github.com/replydev/cotp.gitcargo install --path cotp/

cotp supports TOTP codes migration from various apps.Some needs to be converted using simple python script you can find listed in the table below.

Once you got the correct files run the right python script located in theconverters/ folder in this source code.

Example:python authy.py path/to/database.xml converted.json

It will convert the database in a json format readable by cotp.

To terminate the import:cotp import --authy --path path/to/converted_database.json

By default database is located in$HOME/.cotp/db.cotp. If you want to use a different path, you can useCOTP_DB_PATH environment variable or use the--database-path argument.The first can be configured in shell configuration files, the second in package managers where the configuration of environment variables is not allowed, like Scoop.

These are examples of how to do this in bash:

$ COTP_DB_PATH=/home/user/.local/custom-folder/db.cotp cotp

or

$ cotp --database-path /home/user/.local/custom-folder/db.cotp

Currently, there is not any planned feature. If you need something new that could improve the software feel free to openan issue.

I created this project for my own needs, but I would be happy if this little program is useful to someone else, and Igratefully accept any pull requests.