Contact

Subscribe via Email

Subscribe via RSS/JSON

Categories

Creative Commons Attribution 4.0 International License
© Rakhesh Sasidharan

Elsewhere

Extract secret keys from Two-Factor Authentication (TFA) QR codes

Got me Pebble Time yesterday! Yay. Found a cool app for Two-Factor Authentication codes called QuickAuth (it’s open source too, amazing!). 

The app requires you to enter the secret keys for your Two-Factor Authentication sites. Unfortunately I never saved these when I set up TFA on my devices. I was smart enough to save the QR code for each site and this way I was always able to add new devices by just scanning the saved QR code, but now I had to enter the secret key and I was stuck. 

Enter another open source project Zebra Crossing (zxing). This is a library for processing QR codes and they have an Android app called Barcode Scanner. Get this app, scan the QR code, and you get an output that starts with otp://. That’s the secret key you want. Enter this into QuickAuth. 

If you don’t want to download the app there’s also an online interface to upload a QR code and decode. Nice!

p.s. In case it helps anyone – on the face of it there seems to be no easy way to delete a key/ site once you enter it into QuickAuth. Later I realized if I long press the select button on the pebble when it shows a code I get many options. One of these lets you delete the key/ site.