Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
macosx: oathtool totp google 2 factor authentication
#-----------------------------------------------#
# oathtool totp google 2 factor
#-----------------------------------------------#
# if you have already set up 2 factor authentication with your phone
# you need to remove it from your phone and google authenticator app
# this wont invalidate your backup codes or application codes
# login to your google account go to 2 factor authentication,
# select your phone and click remove
# then switch to the google authenticator app on your iphone
# click edit and then swipe left on the gmail generator,
# it should now show a button that says delete,
# click delete to remove the generator
# switch back to your google account and click add phone
# select your iphone
# IMPORTANT
# when you get to the screen where it shows you a qr code,
# select the link underneath that says cant use qr code
# this will show you a secret key to use instead of a qr code
# write the secret key down
# switch to the google authenticator app on your iphone
# click the plus button to add a new generator
# select time based
# add in your gmail email address and the secret key
# the generator will now create a time based code for you
# now log in to gmail with your username and password
# youll be promted for your code, add it and you should log in
#-----------------------------------------------#
get you google secret key from the previous and use it with oathtool
# install oathtool
# ./configure
# make
# sudo make install
# example key
1 # google 2 factor secret key ( example )
b kuq 7ty asd buj lda
2 # remove spaces and convert to uppercase
BKUQ7TYASDBUJLDA
3 # create the 2 factor code
oathtool -b --totp BKUQ7TYASDBUJLDA
# -b = use base32 encoding
# --totp = time based
@jar-o

This comment has been minimized.

Copy link

commented Nov 15, 2016

just wanted to leave this here, a tool I wrote for OSX that is forked from oathtool and works kind of like a Google Authenticator for the command-line:

http://soundly.me/oathplus

plan on posting the code to github soon-ish, after I get the code in a readable state ;)

@naderra

This comment has been minimized.

Copy link

commented Sep 27, 2017

Hmm

I'm attempting the above with an android cell phone, using chrome on a linux desktop ... no joy, stuck.

On the step:

login to your google account go to 2 factor authentication,

select your phone and click remove

Once I have 2FA enabled and attempt to remove the phone (labelled: Voice or text message (Default)) it complains and prevents the operation with the following message:

"2-Step Verification isn't allowed without a verified phone number or the Authenticator app - OK"

I have tried disabling 2FA -> deleting cell phone from Google -> re-enabling 2FA ... but it requests a phone number and I'm stuck again in the same situation ...

At one stage I thought I had done it correctly as it went through the QR code process but somehow I cannot get back there

Also, (slightly unrelated) if I choose under 2FA the "Google Prompt" -> "ADD PHONE" , even though the phone is PIN lock enabled, it does not get to display the phone in the ... kinda like I have described in:

https://productforums.google.com/forum/#!topic/gmail/UDFP_bJ98Hw;context-place=forum/gmail

(it was placed in gmail section but should move to chrome help I guess ...)

Any how ... looking forward to dealing with 2FA events directly from the desktop via command line instead of having to pull out the cell each time ... (maybe there's a neat chrome extension that does this?)

Any ideas greatly appreciated

TIA

Robert

@AlJohri

This comment has been minimized.

Copy link

commented Aug 31, 2018

@jar-o would you mind posting your code to github and also posting to homebrew?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.