Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About

Otp

TOTP library for Go
Stars
1,873
License
apache-2.0
Open Issues
5
Most Recent Commit
15 days ago
Programming Language
Go
Dependent Repos
340
Dependent Packages
1,074
Total Releases
7
Latest Release
December 13, 2022
Categories
Repo
Alternatives To Otp
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Glauth2,08332 days ago25July 03, 202356mitGo
A lightweight LDAP server for development, home use, or CI
Otp1,8733401,07415 days ago7December 13, 20225apache-2.0Go
TOTP library for Go
Google Authenticator Libpam1,584
11 days ago1March 03, 202160apache-2.0C
Rotp1,524rubygems rotp} Downloads2,52763a month ago38December 13, 20223mitRuby
Ruby One Time Password library
Freeotp Android1,210
7 days ago121apache-2.0Java
Otphp1,139packagist spomky-labs/otphp} Downloads96392 months ago52November 11, 20222mitPHP
:closed_lock_with_key: A PHP library for generating one time passwords according to RFC 4226 (HOTP) and the RFC 6238 (TOTP)
Guac Install859
a month ago45Shell
Script for installing Guacamole on Ubuntu
Arc735
3 years ago34March 12, 20214gpl-3.0Go
A manager for your secrets.
Otpauth664npm otpauth} Downloads11214 days ago89November 10, 20221mitJavaScript
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.
Notp662npm notp} Downloads169654 months ago5October 14, 201422mitJavaScript
Node One Time Password library, supports HOTP, TOTP and works with Google Authenticator
Alternatives To Otp
Select To Compare
Glauth ⭐ 2,083
A lightweight LDAP server for development, home use, or CI
dependent packages 3total releases 25most recent commit 2 days ago
Otp ⭐ 1,873
TOTP library for Go
dependent packages 1,074total releases 7most recent commit 15 days ago
Google Authenticator Libpam ⭐ 1,584
total releases 1most recent commit 11 days ago
Rotp ⭐ 1,524
Ruby One Time Password library
dependent packages 63total releases 38most recent commit a month agorubygems rotp} Downloads
Freeotp Android ⭐ 1,210
most recent commit 7 days ago
Arc ⭐ 735
A manager for your secrets.
total releases 34most recent commit 3 years ago
Otpauth ⭐ 664
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.
dependent packages 21total releases 89most recent commit 4 days agonpm otpauth} Downloads
Notp ⭐ 662
Node One Time Password library, supports HOTP, TOTP and works with Google Authenticator
dependent packages 65total releases 5most recent commit 4 months agonpm notp} Downloads


Suggest An Alternative To otp
Alternative Project Comparisons
Otp vs Glauth
Otp vs Google Authenticator Libpam
Otp vs Rotp
Otp vs Freeotp Android
Otp vs Otphp
Otp vs Guac Install
Otp vs Arc
Otp vs Otpauth
Otp vs Notp
Readme

otp: One Time Password utilities Go / Golang

PkgGoDev Build Status

Why One Time Passwords?

One Time Passwords (OTPs) are an mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user's phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, GitHub, Facebook, Salesforce and many others.

The otp library enables you to easily add TOTPs to your own application, increasing your user's security against mass-password breaches and malware.

Because TOTP is standardized and widely deployed, there are many mobile clients and software implementations.

otp Supports:

  • Generating QR Code images for easy user enrollment.
  • Time-based One-time Password Algorithm (TOTP) (RFC 6238): Time based OTP, the most commonly used method.
  • HMAC-based One-time Password Algorithm (HOTP) (RFC 4226): Counter based OTP, which TOTP is based upon.
  • Generation and Validation of codes for either algorithm.

Implementing TOTP in your application:

User Enrollment

For an example of a working enrollment work flow, GitHub has documented theirs, but the basics are:

  1. Generate new TOTP Key for a User. key,_ := totp.Generate(...).
  2. Display the Key's Secret and QR-Code for the User. key.Secret() and key.Image(...).
  3. Test that the user can successfully use their TOTP. totp.Validate(...).
  4. Store TOTP Secret for the User in your backend. key.Secret()
  5. Provide the user with "recovery codes". (See Recovery Codes bellow)

Code Generation

  • In either TOTP or HOTP cases, use the GenerateCode function and a counter or time.Time struct to generate a valid code compatible with most implementations.
  • For uncommon or custom settings, or to catch unlikely errors, use GenerateCodeCustom in either module.

Validation

  1. Prompt and validate User's password as normal.
  2. If the user has TOTP enabled, prompt for TOTP passcode.
  3. Retrieve the User's TOTP Secret from your backend.
  4. Validate the user's passcode. totp.Validate(...)

Recovery Codes

When a user loses access to their TOTP device, they would no longer have access to their account. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged, this is a common problem. For this reason many providers give their users "backup codes" or "recovery codes". These are a set of one time use codes that can be used instead of the TOTP. These can simply be randomly generated strings that you store in your backend. Github's documentation provides an overview of the user experience.

Improvements, bugs, adding feature, etc:

Please open issues in Github for ideas, bugs, and general thoughts. Pull requests are of course preferred :)

License

otp is licensed under the Apache License, Version 2.0

Popular Totp Projects
Authelia ⭐ 17,453
The Single Sign-On Multi-Factor portal for web apps
dependent packages 2total releases 64latest release October 28, 2019most recent commit a day agonpm authelia} Downloads
Cli ⭐ 3,260
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
dependent packages 121total releases 313latest release July 18, 2023most recent commit a day ago
Popular Password Projects
Depix ⭐ 23,527
Recovers passwords from pixelized screenshots
total releases 2latest release December 22, 2020most recent commit 4 months ago
Hashcat ⭐ 18,321
World's fastest and most advanced password recovery utility
total releases 1latest release January 31, 2023most recent commit a day ago
Zxcvbn ⭐ 14,217
Low-Budget Password Strength Estimation
dependent packages 407total releases 25latest release February 07, 2017most recent commit 4 days agonpm zxcvbn} Downloads
Popular Security Categories
Security
Token
Authentication
Password
Role
Vulnerabilities
Oauth
Ssh
Login
Scanner
Related Searches
Go Password
Totp Hotp
Password Totp
Password Recovery
Go Recovery
Go Totp
Password Hotp
Password Passcode

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Go
Password
Recovery
Totp
Passcode
Hotp
Privacy | About | Terms | Follow Us On Twitter

Downloads, Dependent Repos, Dependent Packages, Total Releases, Latest Releases data powered by Libraries.io.

Copyright 2018-2023 Awesome Open Source.  All rights reserved.