|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Otplib||1,558||172||139||5 months ago||55||January 24, 2020||78||mit||TypeScript|
|:key: One Time Password (OTP) / 2FA for Node.js and Browser - Supports HOTP, TOTP and Google Authenticator|
|Google Authenticator Libpam||1,540||6 days ago||1||March 03, 2021||59||apache-2.0||C|
|Twofactorauth||931||97||26||6 days ago||16||March 09, 2021||6||mit||PHP|
|PHP library for Two Factor Authentication (TFA / 2FA)|
|Mintotp||788||a year ago||3||February 15, 2021||2||mit||Python|
|Minimal TOTP generator in 20 lines of Python|
|Arc||735||2 years ago||34||March 12, 2021||4||gpl-3.0||Go|
|A manager for your secrets.|
|Authy||489||5||5 months ago||14||September 26, 2022||5||mit||Go|
|Go library and program to access your Authy TOTP secrets.|
|Two_factor_authentication||375||26||a year ago||13||January 29, 2019||61||mit||Ruby|
|Two factor authentication extension for Devise|
|Laraguard||275||5||a year ago||14||February 16, 2022||1||mit||PHP|
|"On-premises 2FA Authentication for all your users out-of-the-box|
|Two Factor Auth||265||6 months ago||1||isc||Java|
|Two Factor Authentication Java code implementing the Time-based One-time Password Algorithm|
|Twofactorauth.net||261||4||3||9 months ago||15||July 10, 2020||7||mit||C#|
|.Net library for Two Factor Authentication (TFA / 2FA)|
This is a Go library that allows you to access your Authy TOTP tokens.
It was created to facilitate exports of your TOTP database, because Authy do not provide any way to access or port your TOTP tokens to another client.
It also somewhat documents Authy's protocol/encryption, since public materials on that are somewhat scarce.
Please be careful. You can get your Authy account suspended very easily by using this package. It does not hide itself or mimic the official clients.
This program will enrol itself as an additional device on your Authy account and export all of your TOTP tokens in Key URI Format.
It is also able to save the TOTP database in a JSON file encrypted with your Authy backup password, which can be used for backup purposes, and to read it back in order to decrypt it.
Pre-built binaries are available from the releases page. (Windows binaries have been removed because of continual false positive virus complaints, sorry).
Alternatively, it can be compiled from source, which requires Go 1.12 or newer:
go install github.com/alexzorin/authy/[email protected]
To use it:
pushmethod. This will send a push notification to your existing Authy apps (be it on Android, iOS, Desktop or Chrome), and you will need to respond that from your other app(s).
$HOME/authy-go.jsonfor further uses. Make sure to delete this file and de-register the device after you're finished.
--saveoption, and reload it later with the
--loadoption in order to decrypt it and dump the tokens.
If you notice any missing TOTP tokens, please try toggling "Authenticator Backups" in your Authy settings, to force your backup to be resynchronized.
How do you then import it into another app?
Up to you, depends on the app. If the app uses QR scanning, you can try stick all the dumped URIs into a file (
tokens) and then scan each QR code from your terminal, e.g.:
#!/usr/bin/env bash cat tokens | while IFS= read -r line; do clear echo -n "$line" | qrencode -t UTF8 read -p $"Press any key to continue" key < /dev/tty done
"My Twitch (or other site) token is different to the one I see in the Authy app?"
This is expected, depending on what the site is.
In Authy, there are two types of secrets:
Twitch (and a handful of other sites) are the latter: Authy Apps.
authy-export registers itself as a device on your Authy account. Per the explanation above, that means it is assigned a unique TOTP secret for sites like Twitch, which means it will generate different 7-digit codes to your primary Authy device. These codes will work as long as you don't deregister the
authy-export device from your Authy account.
This is unfortunate, but the fact is: you cannot fully delete your Authy account if you want to keep using TOTP-based authentication with Twitch. If you do, all of the TOTP secrets will be revoked, and you will locked out of Twitch. It happened to me, and Twitch support chose to not help me out ^_^.
When environment variable named
authy-export does not ask for a password and uses the variable instead. Use with care!
All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement