hexpreview

README.md

# Totpex

## TOTP: Time-Based One-Time Password written in Elixir

I'm learning Elixir and gave myself a challenge to write a TOTP client with it.

At the moment it's more a proof of concept than a client, there is no interface. It's a work in process.

### How to use it

Clone the directory :

````bash
git clone git@github.com:jameslafa/totpex.git
cd totpex
````

**In debug mode:**

````bash
iex -S mix

iex(1)> Totpex.generate_totp("mysecretkey_base32encoded")
"798396"
````

**As a standalone application**

````bash
# build binary (one time operation)
mix escript.build

# Execute application
./totpex
Please enter your secret key: 634hszwpdilkzqe2
Your One-Time Password is 382765
````

### Requirements

 1. [Elixir](http://elixir-lang.org/install.html) installed
 2. A computer running at the correct time. Most of the system are automatically so it shouldn't be a problem.
 3. A Base32 encoded secret key given by the service you enabled 2 factor authentication on.

### How to get a secret key on Github to try this tool

 1. Go to your [security settings](https://github.com/settings/security)
 2. Click on **Set up two-factor authentication**
 3. Choose **Set up using an app**. If you don't have Google Authenticator installed on your phone, get it from your App Store
 4. Scan the square code from your app, then it's safe and easy to use from your phone
 5. Click on **enter this text code** to get the Base32 encoded value. Save it somewhere safe
 6. Enter the value generated by your phone
 7. Click on **Enable 2 factor authentication**

 You can now use your secret key obtained at step 5 and compare the generated value with the one given by your phone.

### Thank you

I want to thank my friend Alexandre who helped me to understand the Java code of the official documentation.

I want also to thank the authors of the following articles or projects, it was a great help:

 - [How Google Authenticator Works](https://garbagecollected.org/2014/09/14/how-google-authenticator-works/)
 - [robbiev/two-factor-auth](https://github.com/robbiev/two-factor-auth) written in Go
 - [Google Authenticator One-time Password Algorithm in Javascript](http://blog.tinisles.com/2011/10/google-authenticator-one-time-password-algorithm-in-javascript/)
 - [trustatom-oss/exotp](https://github.com/trustatom-oss/exotp) written in Elixir. The project didn't work for me but it helped me to understand binary manipulation with Elixir.

### Contact

Contact me on twitter [@jameslafa](https://twitter.com/jameslafa)