Generating 2FA tokens on the terminal so that i don’t have to reach for my phone #lazyTech

Securing your accounts with 2FA or two-factor authentication is a great idea, and what I use most of the time are time-based OTPs (TOTPs).

The process is simple; you only need an app like Google Authenticator (iPhone | Android) or Twilio Authy on your phone. But I’m lazy when I have to get codes from my phone and type them into my laptop. Cloud-based clipboards are also not my thing either.

So, what’s the solution?

A desktop-based app is an option, but it can be slow. Again too lazy to open an app and copy the token. It’s not that different from using the mobile app. The time it takes for the app to open is roughly the same. Yeah, I can’t wait that long. I’m impatient too.

A terminal-based app might work. Most terminal apps are pretty fast. They execute and show results faster than a GUI-based app.

So that’s what I built. A terminal-based app with the ability to add multiple 2FA accounts, generate tokens and copy them right onto my clipboard. Here’s a short demo.

Decoding TOTPs

To understand what’s happening under the hood, let’s examine how 2FA apps work.

To add a new 2FA, you usually start by scanning a QR code. This QR code contains specific information, including a secret key for generating OTPs.

Here’s a QR code; scan it using one of the apps. For example, if you use Google Authenticator to scan this QR code, it will show up as,My Awesome App (johndoe) and a token getting generated every 30s.

QR

Now scan the same using a QR code reader. You will get something like this,

otpauth://totp/My%20Awesome%20App:johndoe?secret=XDQXYCP5AC6FA32FQXDGJSPBIDYNKK5W&issuer=My%20Awesome%20App

This QR code contains information regarding a secret for generating OTPs and information to identify the code from a list of other OTPs on the app.

If you want to integrate 2FA into your app, you can use a library like node-2fa to generate and verify tokens.

Once you have a list of such URLs, you can easily read it, generate OTPs and display them as a table. I exported all the token URLs from my Google Authenticator app and copied them into an array, and I will read them one by one and use the node-2fa library to generate tokens. Once done, what’s left is to pretty-print the tokens as a neat table.

To make it easier for me to access the OTPs, I mapped the code to an alias – otp. So now, all I have to do is enter otp the terminal, and the OTPs are displayed as a list. I can then use the up and down arrow keys to select the OTP I want and hit enter, which copies the OTP into the clipboard.

CLI Navigation

The app’s first version was just a table that printed the OTPs. I had to manually select the OTP to copy it, which was too much effort. Did I tell you that I’m a bit lazy? So, I added

  • Arrow-key navigation to select the OTP
  • Enter to copy and exit, and
  • Ctrl+c to exit the app.

I ran a test program to capture the hex codes for Up↑ (1b5b41), Down↓ (1b5b42), Enter↵ (0d) and Ctrl+c (03) to exit the program.

Limitation

The current app that I have uses pbcopy to access the clipboard. This is a very Mac-specific program(I think). If you want to get this working on other platforms, then you would have to update this line,

var proc = require('child_process').spawn('pbcopy');

If you’re interested in implementing something similar, you can find the complete working code on my GitHub repository at https://github.com/jerrymannel/cli-auth-2fa