登录
TOTP 预览

TOTP 作者: Turistu

A TOTP generator that could be used with gmail, github and other sites which require 2FA.

您需要 Firefox 来使用此扩展
下载 Firefox 并安装扩展
下载文件
731
用户
9
评价
4.4 星
5
7
4
1
3
0
2
0
1
1
屏幕截图
Example login with 2FA on githubSelecting a saved key should automatically generate an OTP code and copy it to the clipboard. <br> On X11, it will copy it to both the primary and the clipboard selection.On X11, you can paste the code with a middle button click. <br> Otherwise, use Control-V or Right Click + Paste.If copying to clipboard failed, just click on the generated code to copy it. Copying to clipboard fails if you linger too much while selecting the key, or if the key was automatically filled in by the browser upon opening the popup."Add key" opens a new tab to an extension page from where you can save a key with the browser's password manager.If the "save" button doesn't work, open the password manager directly by clicking on the key-like icon in the address barSince this extension is simply piggybacking on the browser's password manager (instead of implementing its own password wallet), you can manage the TOTP keys just like any other passwords.
关于此扩展
This is a javascript implementation of a TOTP authenticator, using the browser's crypto API. It should do the exactly same thing as google's authenticator, the "oathtool --totp -b ..." command, or any other TOTP generating app.

The javascript code does not send to or fetch any data from anywhere remotely, and it should work the same when served over https, saved locally or used inside a browser extension.

Instead of implementing its own secret saving mechanism (with cookies or local storage), this extension is using the browser's password manager to save the TOTP keys, just like any other passwords.

Since the saved keys are attached to the extension's own "moz-extension://UUID" url, not to the website where they are used, it's not possible for hijacked websites to retrieve them by exploiting the form and passwords autofill mechanism.

This extension is also not using any content script which could be tricked into generating and filling in TOTP codes without user intervention.

Note for Linux/X11 users: Since their half-fix to the exploitable pastejack bug that I have reported, it's no longer possible to copy the totp code to the primary selection automatically upon it being generated. If you still want to paste it with a simple middle-button click, just click once more on the totp code when you see the "copied (for ctrl-V)" message. Sorry for that.
为您的体验打分
您使用 TOTP 的体验如何?

已保存星级评分

更多信息
附加组件链接
版本
1.2.8
大小
12.99 KB
上次更新
1 年前 (2023年11月22日)
相关分类
许可证
仅 GNU 通用公共许可证 v3.0
版本历史
举报此附加组件
添加到收藏集
1.2.8 的发布说明
since the half-fix was back ported to ESR and thunderbird, assume that selectAllChildren() doesn't set the primary selection on *any* version of firefox anymore.
Turistu 制作的更多扩展