-
Notifications
You must be signed in to change notification settings - Fork 970
Home
The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth).
These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.
- Checking Out
- BlackBerry Development
- Conflicting Accounts
- Key Uri Format
- Pam Module Instructions
- Troubleshooting Tips
This project currently offers mobile application implementations of HOTP/TOTP for Android, iOS, and Blackberry, as well as a PAM module.
The code for Android has been moved to a separate GitHub project.
The Android mobile app supports:
- Multiple accounts
- Support for 30-second TOTP codes
- Support for counter-based HOTP codes
- Key provisioning via scanning a QR code
- Manual key entry of RFC 4648 base32 key strings
DISCLAIMER: This open source project allows you to download the code that powered version 2.21 of the application. Subsequent versions contain Google-specific workflows that are not part of the project.
The iOS mobile app supports:
- Multiple accounts
- Support for 30-second TOTP codes
- Support for counter-based HOTP codes
- Key provisioning via scanning a QR code
- Manual key entry of RFC 4648 base32 key strings
The BlackBerry mobile app supports:
- Multiple accounts
- Support for 30-second TOTP codes
- Support for counter-based HOTP codes
- Manual key entry of RFC 4648 base32 key strings
The PAM module can add a two-factor authentication step to any PAM-enabled application. It supports:
- Per-user secret and status file stored in user's home directory
- Support for 30-second TOTP codes
- Support for emergency scratch codes
- Protection against replay attacks
- Key provisioning via display of QR code
- Manual key entry of RFC 4648 base32 key strings
You can checkout the project's source code from the Git repository. See more details in Checking Out.