Authenticator for Linux

CaffeineAddict

Well-Known Member
Joined
Jan 21, 2024
Messages
1,949
Reaction score
1,522
Credits
16,026
Solid and feature rich authenticators for PC's are rare commodity, so rare that majority of people use authenticators on their phone because thats considered standard (albeit very insecure compared to authenticator on PC), and most likely everyone uses either google authenticator or MS authenticator since those 2 are most popular.

Recently I discovered OTPClient, which is a Linux authenticator based on GTK+

I've set up 2FA with it on all websites that support 2FA and made a backup of local database in case my system crashes and needs to reinstall, so far it works great and I'm happy with it, certainly worth installing and using.

If you're on Debian or Debian based distro it's as simple as:

Bash:
sudo apt install otpclient

---

Do you use 2FA? on your phone or PC? which software?
 


most likely everyone uses either google authenticator or MS authenticator since those 2 are most popular.
AFAIK they use OTP(time-based) as well or one of the protocols most of those 2FA apps use.

Do you use 2FA? on your phone or PC? which software?
I use FreeOTP on my phone because I don't always have a laptop I'm carrying around and I'm not always at home.
 
fwiw .....OTPClient is available in Linux Mint's Software Manager as a Flatpak.

The first screen ...

2024-09-12_06-31.png
 
Solid and feature rich authenticators for PC's are rare commodity, so rare that majority of people use authenticators on their phone because thats considered standard (albeit very insecure compared to authenticator on PC), and most likely everyone uses either google authenticator or MS authenticator since those 2 are most popular.

Recently I discovered OTPClient, which is a Linux authenticator based on GTK+

I've set up 2FA with it on all websites that support 2FA and made a backup of local database in case my system crashes and needs to reinstall, so far it works great and I'm happy with it, certainly worth installing and using.

If you're on Debian or Debian based distro it's as simple as:

Bash:
sudo apt install otpclient

---

Do you use 2FA? on your phone or PC? which software?
I avoid 2FA at all costs. It is insecure and many articles exist pointing that out. In fact I feel it makes things less secure. It all hinges on your phone which hinges on either apple or google account. And we know they are never hacked. So if a person gets your google or apple account then all the 2FA will go to them. Not to mention how much of a pain it is to have to put in a code from a phone. Or what if I do not have service where I am at? then I am stuck? No, I avoid 2FA at all costs and even tell them I do not have a cell phone so they won't ask.
 
Do you use 2FA? on your phone or PC? which software?
I use KeePassXC on my PCs, and on my iPhone KeePassium Pro. They have really nice OTP support.

I put the vault in my self-hosted NextCloud and I make it available to the iPhone via WebDAV.
 
fwiw .....OTPClient is available in Linux Mint's Software Manager as a Flatpak.

The first screen ...
You find it troubling that password can't be recovered?
But how should password recovery work on offline program?

I keep the password in password manager and have to remember only master password.

I avoid 2FA at all costs. It is insecure and many articles exist pointing that out. In fact I feel it makes things less secure. It all hinges on your phone which hinges on either apple or google account. And we know they are never hacked. So if a person gets your google or apple account then all the 2FA will go to them.
True, that's why don't want 2FA on phone ruled by google or which ever other company, but instead on PC because then you're in full control, your offline database can't be hacked unless your PC is hacked as well and your authenticator password stolen.

And that's way more secure than having authenticator on phone, it's the reason why I made this thread, to promote authenticator on PC instead of phone.
 
@CaffeineAddict I came across a 2FA app for pc, since it's posted on Flathub is must work on Linux. So here it is.
I'm already using OTP Client and prefer deb package for install, for other non debian distros flathub could be a good alternative.
And according to screenshots it looks shiny and nicer than OTP client, I'll see, maybe I try it.
 
TBH, I tend to agree with @APTI on this point. I tried OTP Client about 4½ years ago. What a palaver.....and so much messing about.

I only have two a/cs that insist on 2FA. One is my Google Drive a/c - Google don't give you any choice in the matter where this is concerned, because they forcibly migrated everybody to 2FA back in May this year. Either that, or you could kiss goodbye to your a/c.

The other is my bank. They started occasional 2FA "checks" about a year ago, then from June this year it was 2FA every time, whether you liked it or not.

Both of them are happy with a randomised, 12-digit 2FA code sent via SMS to my phone. My phone is a good old-fashioned "dumb-phone" - doesn't even have internet! - so good luck with hacking THAT. Yah, I'm a dinosaur where this is concerned, but it does have its plus points.

I can live with 2FA on the Google a/c, 'cos this is my main Puppy software sharing location. There's no personal stuff, though; slim pickings for any hacker here.

As for my banking, I have a dedicated Puppy set-up just for this in 'kiosk' mode, running in a chroot from a flash drive. I fire it up, and it automatically opens to my bank's website. Then I disconnect the flash drive, so it's running in RAM only. The only other thing I can do with it is to shut down, since this particular Puppy is set-up without a 'save-folder', meaning the session disappears into cyber-space as soon as it powers off again.

~~~~~~~~~~~~~~~~~~~~​

Although I have 4 cloud-hosting a/cs, there is NO personal stuff on any of them. Only Puppy-related stuff. If anybody's desperate enough to hack that, then let 'em get on with it, I say. All the original material is backed-up at home on a detachable USB HDD. The cloud a/cs are just for sharing stuff with the community......and in any case, any would-be hacker would have to be "au fait" with the unique way in which Puppy software is put together.

It's a set-up I'm content with. Works for me.


Mike. ;)
 
Last edited:
good one, I'll use it on my phone if needed.

I'm only sad that steam and paysafe don't support independent authenticators, they provide their own and you have to use theirs or don't use 2FA which is really sad.
Low key getting nervous of losing my phone now that i have multiple authenticatiors on it.
 
Low key getting nervous of losing my phone now that i have multiple authenticatiors on it.
That's what backup/recovery codes are for or setting up an alternative 2FA method besides using an app.
 


Top