Authenticator icon indicating copy to clipboard operation
Authenticator copied to clipboard

Published 20 hours ago verified publisher icon Authenticator-Extension

Option to hide codes (copy/paste only)

Open alystair opened this issue 5 years ago • 8 comments

Describe the feature you want: Option to visibly hide all OTP codes in popup, click-to-copy should still function as normal by clicking issuer/account name.

Why do you want this feature in Authenticator? I frequently demo systems that require OTP input as only login method, however for larger crowds this dramatically increases the possibility of an opportunistic shoulder-surfing attack. Hiding the codes negates this issue.

alystair avatar May 27 '19 18:05 alystair

Wouldn't they also need to figure out your password before said token expires? This seems like an unlikely scenario.

vwbusguy avatar Jun 05 '19 21:06 vwbusguy

For projects that use OTP as main login method

alystair avatar Jun 06 '19 04:06 alystair

By the time the snooper gets around to entering your code, wouldn't it be expired since they are time-based?

KharmaScribbles avatar Jun 06 '19 08:06 KharmaScribbles

TOTP is designed to be the second factor, not the first and only. Whatever system you're using is weird.

mymindstorm avatar Jun 06 '19 09:06 mymindstorm

Popular open source Android app andOTP has this exact feature

alystair avatar Jun 08 '19 19:06 alystair

and FreeOTP+ also has this feature

erayerdin avatar Apr 23 '21 13:04 erayerdin

I checked out this extension today and I was surprised to see that it had basically every feature I would ever want except for this one feature. While not strictly necessary, I feel like this would still be a really nice feature to have. It's a pretty common feature among OTP software, so I'd love to see it here too.

ipkpjersi avatar Mar 16 '24 04:03 ipkpjersi

I will try to implement this feature in the next release.

Sneezry avatar Mar 16 '24 06:03 Sneezry