authenticator-extension / authenticator Goto Github PK
View Code? Open in Web Editor NEWAuthenticator generates 2-Step Verification codes in your browser.
Home Page: https://authenticator.cc
License: MIT License
Authenticator generates 2-Step Verification codes in your browser.
Home Page: https://authenticator.cc
License: MIT License
@mymindstorm do you have any uncommited work after 5458490 ? I will do a rebase on dev branch to fix messed commit line if it is okay.
Following Dropbox team's suggestion, change OAuth to token flow from code flow, and remove app key and app secret from source code.
@Sneezry pretty much all the big CI (travis / circleci) services have a free tier for open source software, do you want me to try to throw something basic together?
Things to test:
The about content is just a set of license information, how about move it into popup.html, and just leave it as English?
Message windows should have a border and like everything else.
Actually, a lot of site will generate such tokens with (=), e.g. Amazon, Dropbox, Vultr. I'm pretty sure there will be more.
code generated for bittrex is 000000
Is there any other changes we need to merge before release v5.0.7? Is it okay for us to release v5.0.7 on March 17th?
Let's say, there are 2 browsers A and B with the same encrypted data:
{
hash_1: {
secret: <encrypted secret_1 with password_1>
}
}
Once the user changes password in A with password_2
, data on A is now:
{
hash_1: {
secret: <encrypted secret_1 with password_2>
}
}
Now we know account data with hash_1
on A is newer then B, so B's data with hash_1
will be overwritten by A, in another word, one day, data with hash_1
will also have secret encrypted with password_2
on B.
However, we know data sync with Chrome is not instantly, user possible add another account with hash_2
with the old password_1
on B, that is to say B is not synced with A in time, but another account is added. Now data on B is:
{
hash_1: {
secret: <encrypted secret_1 with password_1>
},
hash2: {
secret: <encrypted secret_2 with password_1>
}
}
We notice that data with hash_1
will be synced to A from B, and data with hash_2
will be synced to B from A, then both of A and B have such data:
{
hash_1: {
secret: <encrypted secret_1 with password_2>
},
hash_2: {
secret: <encrypted secret_2 with password_1>
}
}
We cannot handle multi-password currently, so the user will only see part of accounts with different passwords, and Export / Import, Security, Add account will never work.
We really need provide a method to allow users to fix their data then.
Version disabled, investigating cause.
Downloaded backup:
{
"b20f962cbf083014474164e0504eb65c": {
"account": "[email protected]",
"hash": "b20f962cbf083014474164e0504eb65c",
"issuer": "",
"secret": "QXA5R6AHKYP557S2OMVGQNVPIJYELMQD",
"type": "totp",
"encrypted": false,
"index": 0,
"counter": 0
},
"test": "test"
}
test
key should not be there.
chrome.storage.sync.set({"test": "test"})
and download backup to repro
No response when clicking the Export / Download Backup button.
v5.0.6 in Chrome
Currently, we check if issuer contains active tab url domain to filter entries. It is too weak. If the issuer is GitHub, then the entry should be filtered when user opens github.com
import.html will handle both import from file and old version backup code
Why when I try to open the program can only see a white window, and the codes do not appear?
Just FYI: I've added a signed version of the Firefox build to the pre-release tag. Firefox is a bit more strict on unsigned extensions, so you might not have to create an unlisted version.
When the file select dialog comes up, it closes the popup and stops processing js.
Is there anything else major to finish before merging and deploying 5.0.2? I think what we have is pretty solid for a release.
'Dropbox Token' is missing a zh-cn translation
I don't really understand how to use the dialog past pasting the code into the Dropbox code field. Maybe add some sort of status text and make the token field readonly
if you aren't supposed to put anything there?
One of the websites I login to requires a Yubikey that uses the OATH-HOTP protocol. Unfortunately, pasting the Yubikey secret key into Authenticator doesn't work.
I'm sure WebExt can add a costumed context menu in Firefox but I'm not sure about Chrome/Chromiums
Users checked remember passphrase checkbox in extension may forget password themselves, we should load cached password for them, and remove cached passphrase after they change the passphrase in the next time.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.