keepass-macpass-helper icon indicating copy to clipboard operation
keepass-macpass-helper copied to clipboard

Published 20 hours ago verified publisher icon belaviyo

Generates wrong OTP code

Open kalahiri opened this issue 3 years ago • 1 comments

Thanks for your great work and nice plugin. I am very happy with it.

I am trying to use OTP in keepasshelper, but it looks like keepasshelper generates the wrong TOTP code. This is probably an issue of using a different algorithm. Unfortunately, I am not able to figure out how to change the algorithm.

Setting it up through an TOTP URI didn't work for me, but it is difficult to get it right without some clear instructions on how to implement it.: ...

kalahiri avatar Oct 28 '21 10:10 kalahiri

Do not share your real secret anywhere. Go to your Gmail account and restart the process if this is your real secret key.

Anyhow, I added a new string field on my KeePassXC with the following info, and the generated key (by pressing the OTP button in the popup) matched with the one the KeePassXC generates. So it looks fine to me!

Key: KPH: otp Value: otpauth://totp/Example:[email protected]?secret=*****&issuer=Example

belaviyo avatar Oct 28 '21 11:10 belaviyo

I am using Keepass with keepasshttp and I have the same problem the generated OTP is wrong and not only for gmail but for all my TOTP. In my database I have an advanced field otp containing key=****** In Keepasshelper "KPH: " only is unchecked. I would like to avoid duplicate all the otp fields

Swiiney avatar Sep 04 '23 14:09 Swiiney

You probably need to define a different Time Server. That helped for me. Under Advanced Options I had to define the Google 2FA Server for Time Correction (https://www.google.com/generate_204) grafik

bastianleicht avatar Dec 06 '23 11:12 bastianleicht

Using the "key=" syntax generates the wrong (and static) totp for me, but using only the "" in the value field works correctly.

Also, the secret key cannot include spaces, as it is customary to display key strings.

The extension fails silently on secret keys it cannot parse, and outputs a non-changing/static otp code.

drok avatar Dec 15 '23 09:12 drok

@drok currently the extension supports value of the following formats:

Value: otpauth://totp/Example:[email protected]?secret=*****&issuer=Example

or

Value: *****

Do you have a sample that inserts secrets in key=?

belaviyo avatar Dec 19 '23 05:12 belaviyo

Do you have a sample that inserts secrets in key=?

@belaviyo, the key= sample is in section 13 of the documentation at https://webextension.org/listing/keepass-helper.html This page is linked as an FAQ from https://chromewebstore.google.com/detail/keepasshelper-password-ma/jgnfghanfbjmimbdmnjfofnbcgpkbegj

drok avatar Dec 19 '23 07:12 drok

Right, the extension checks both key= and secret=. But there was a bug that is fixed now. Should work fine from the next release.

belaviyo avatar Dec 19 '23 09:12 belaviyo