Convert Figma logo to code with AI

google logogoogle-authenticator

Open source version of Google Authenticator (except the Android app)

5,203
966
5,203
165
View on GitHub

Top Related Projects

freeotp's avatar

freeotp-android

1,442

Yubico's avatar

yubioath-flutter

1,041

Yubico Authenticator for Desktop (Windows, macOS and Linux) and Android

Quick Overview

Google Authenticator is an open-source project that implements two-step verification services using the Time-based One-time Password (TOTP) algorithm for authenticating users of software applications. It provides implementations for both mobile apps (Android and iOS) and a PAM module for Linux systems, enhancing security by adding an additional layer of authentication beyond just a password.

Pros

  • Enhances security by implementing two-factor authentication
  • Open-source, allowing for community contributions and audits
  • Supports multiple platforms (Android, iOS, Linux)
  • Implements widely-accepted TOTP standard

Cons

  • Limited to time-based OTP, doesn't support other 2FA methods
  • Requires users to have a separate device (smartphone) for authentication
  • Can be inconvenient for users who frequently need to authenticate
  • Potential for time synchronization issues between devices

Code Examples

As this is primarily a mobile app and PAM module implementation, there aren't typical code examples to showcase. However, here are some relevant configuration examples for the PAM module:

  1. Basic PAM configuration:
auth required pam_google_authenticator.so
  1. PAM configuration with nullok option (allowing non-2FA logins):
auth required pam_google_authenticator.so nullok
  1. PAM configuration with secret key in a non-default location:
auth required pam_google_authenticator.so secret=/etc/google-authenticator/${USER}

Getting Started

To get started with Google Authenticator PAM module on a Linux system:

  1. Install the PAM module:

    sudo apt-get install libpam-google-authenticator

  2. Run the initialization tool:

    google-authenticator

  3. Follow the prompts to set up your secret key and configure options.

  4. Add the PAM configuration to your desired service (e.g., SSH) in /etc/pam.d/:

    auth required pam_google_authenticator.so

  5. Configure your service to use PAM authentication (e.g., set ChallengeResponseAuthentication yes in sshd_config for SSH).

  6. Restart the service to apply changes.

For mobile apps, simply download the Google Authenticator app from the respective app store and follow the in-app instructions to set up accounts.

Competitor Comparisons

freeotp logo

freeotp-android

1,442

Pros of FreeOTP Android

  • Open-source and fully auditable, enhancing trust and security
  • Supports a wider range of token types, including HOTP and TOTP
  • More frequent updates and active community involvement

Cons of FreeOTP Android

  • Less intuitive user interface compared to Google Authenticator
  • Fewer built-in features for backup and account recovery
  • Smaller user base, potentially leading to slower bug detection

Code Comparison

FreeOTP Android (Kotlin):

override fun onOptionsItemSelected(item: MenuItem): Boolean {
    return when (item.itemId) {
        R.id.action_add -> {
            startActivity(Intent(this, AddActivity::class.java))
            true
        }
        else -> super.onOptionsItemSelected(item)
    }
}

Google Authenticator (Java):

@Override
public boolean onOptionsItemSelected(MenuItem item) {
    switch (item.getItemId()) {
        case R.id.add_account:
            startActivity(new Intent(this, AddAccountActivity.class));
            return true;
        default:
            return super.onOptionsItemSelected(item);
    }
}

Both repositories implement similar functionality for adding new accounts, but FreeOTP Android uses Kotlin's more concise when expression, while Google Authenticator uses Java's traditional switch statement. FreeOTP's code is generally more modern and adheres to current Android development practices.

Yubico logo

yubioath-flutter

1,041

Yubico Authenticator for Desktop (Windows, macOS and Linux) and Android

Pros of yubioath-flutter

  • Cross-platform support (iOS, Android, desktop) using Flutter framework
  • Modern UI and user experience
  • Active development and frequent updates

Cons of yubioath-flutter

  • Limited to Yubico hardware devices
  • Smaller community and ecosystem compared to Google Authenticator
  • Steeper learning curve for developers unfamiliar with Flutter

Code Comparison

yubioath-flutter

Future<void> addCredential(Credential credential) async {
  await _yubiKeyManager.addCredential(credential);
  _refreshCredentials();
}

google-authenticator

public void addAccount(String secret, String issuer, String accountName) {
    AccountDb.OtpType type = AccountDb.OtpType.TOTP;
    Account account = new Account(secret, issuer, accountName, type);
    mAccountDb.add(account);
}

The yubioath-flutter code uses Dart and async/await for adding credentials, while google-authenticator uses Java and a more traditional object-oriented approach. yubioath-flutter's implementation is more concise and modern, leveraging Flutter's asynchronous programming model.

yubioath-flutter focuses on Yubico hardware integration, offering a specialized solution for users of Yubico devices. google-authenticator, on the other hand, provides a more general-purpose TOTP implementation that works across a wider range of devices and use cases.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Google Authenticator OpenSource

The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms. One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth).

This GitHub project is specifically for the Google Authenticator apps which target the Blackberry and iOS mobile platforms.

Other related Google Authenticator opensource projects can be found as noted below:

There are no account backups in any of the apps by design.

These apps are not on the app stores, and their code has diverged from what's in the app stores, so patches here won't necessarily show up in those versions.

These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

Further documentation is available in the Wiki.