cotp 0.1.1

Trustworthy command line authenticator app compatible with backups from andOTP, Aegis and so on..
cotp-0.1.1 is not a library.

cotp - command line totp authenticator

Actions Status

I believe that security is of paramount importance, especially in this digital world. I created cotp because I needed a minimalist, secure, desktop accessible software to manage my two-factor authentication codes.

Overview

cotp is written with simplicity in mind, it relies on only one database file, encrypted with XChaCha20Poly1305 authenticated encryption and argon2id13 for key derivation.

The interface is quite minimalist and intuitive, by typing cotp -h you can see all the program features.

You can also import backup made by Aegis and andOTP Authenticators, but backup compatibility is growing (check planned features)

Installation

ArchLinux

You can install cotp through the Arch User Repository. Before beginning check you already have the required packages:

pacman -S git base-devel

Then choose how you want to proceed

  • Using an AUR Helper like yay: yay -S cotp

  • Or paru: paru -S cotp

  • Manually cloning AUR repo and make the pkg

     git clone https://aur.archlinux.org/cotp.git
 cd cotp
 makepkg -si

Other distributions

You can use prebuilt binaries or build cotp yourself Go to releases page and get the latest version.

How to use

If you are familiar with the command line interface using cotp will not be a problem. Please note that cotp requires at least an 8 chars length password. As i said before, if you type cotp -h you get some instruction on how to use cotp utilities. For example, the version 0.1.1 prints out this help screen:

cotp v0.1.1
written by @replydev

USAGE:
  cotp [SUBCOMMAND]

ARGUMENTS:
  -a,--add [SECRET] [ISSUER] [LABEL]       | Add a new OTP code
  -e,--edit [ID] [SECRET] [ISSUER] [LABEL] | Edit an OTP code
  -r,--remove [ID]                         | Remove an OTP code
  -i,--import [APPNAME] [PATH]             | Import a backup from a given application
  -ex,--export                             | Export the entire database in a plaintext json format
  -j,--json                                | Print results in json format
  -s,--single                              | Print OTP codes in single mode
  -h,--help                                | Print this help

Note that in the --edit command if you type . instead of argument you are specifying not to modify that specific argument.

Example:

Before:

index secret issuer label
3 NB2HI4DTHIXS653XO4XHS33VOR2WEZJOMNXW2L3XMF2GG2B7OY6WIULXGR3TSV3HLBRVC Rick Asley

Command:

cotp -e 3 . . cotp

After:

index secret issuer label
3 NB2HI4DTHIXS653XO4XHS33VOR2WEZJOMNXW2L3XMF2GG2B7OY6WIULXGR3TSV3HLBRVC Rick cotp

Building

First of all install the rust toolchain:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Now clone the repository and build the release binary:

git clone https://github.com/replydev/cotp.git #or https://codeberg.org/replydev/cotp.git
cd cotp
cargo build --release

You will find the compiled binary in target/release folder

Planned features

  • Reduce binary size and improve compilation speed by removing useless dependencies.
  • Use argon2id13 for key derivation
  • CLI Dashboard
  • Backup compatibility with:
    • Aegis
    • andOTP
    • Authy
    • Google Authenticator
    • FreeOTP
  • Graphical User Interface

Contribution

I created this project for my own needs, but I would be happy if this little program is useful to someone else, and I gratefully accept any contributions.