python mOTP
1.0.0
If you need to generate one-time passwords using the Mobile-OTP / mOTP algorithm, from the command-line, without futzing around with your phone.
This is a self-proclaimed “standard” algorithm for one-time passwords. It is confusing, seemingly almost obsolete, and appears to mainly be used in German-speaking countries.You don't want to use this unless you are forced to interact with an existing system that uses such codes for 2FA.
Mobile apps that appear to support it:
Swiss SafeLab OTP authenticator for iOS: on iTunes
Swiss SafeLab OTP authenticator for Android: APK download
Android app that supports this algorithm: DroidOTP on Google Play Store
The principle of the algorithm is explained badly and implemented confusingly but it's very simple: you have a token secret (an ASCII string, usually hexadecimal or alphanumeric) and a PIN (an ASCII string, usually 4 digits), and this is converted to a 6-digit code using:
counter = ASCII((UNIX epoch time) / 10s) digest = MD5HEX(counter || secret || pin) code = LEFT(digest, 6 characters)
That's it. ¯_(ツ)_/¯
Requires Python 3.x.
$ ./motp.py SECRET PIN a1b329
More verbosely:
$ ./motp.py -v SECRET PIN Epoch time: 1549323786 Counter: 154932378 a1b329 (current)
All available options:
$ ./motp.py --help usage: motp.py [-h] [-s SECONDS] [-l LENGTH] [-w WINDOW] [-v] secret pin positional arguments: secret mOTP secret value (often hex or alphanumeric digits) pin mOTP PIN value (usually 4 digits) optional arguments: -h, --help show this help message and exit -s SECONDS, --seconds SECONDS Duration of mOTP codes in seconds (default 30 seconds) -l LENGTH, --length LENGTH Length of mOTP output (default 6 characters) -w WINDOW, --window WINDOW Number of counter values before and after current one to show (for testing time-skew) -v, --verbose
MIT
