OTP Authentication with KeePass, without additional plugins
This repository demonstrates an implementation of One-Time Password (OTP) authentication using KeePass for password management and Node.js as the backend server. The project offers a secure method for generating and verifying OTP codes that can be used to enhance user authentication. By integrating KeePass as a secure storage solution, users can easily manage their sensitive credentials, including the secret keys used for OTP generation.
The Node.js server handles OTP generation and validation using speakeasy library to implement Time-based One-Time Password (TOTP). The OTP secret is securely stored in KeePass, ensuring that only authorized users with access to the KeePass database can retrieve the secret needed to generate valid OTP codes. This setup provides an additional layer of security, combining the reliability of OTP-based authentication with the convenience of KeePass for secure credential management.
npm install speakeasynode ./secret.js 'yourlabel'and the output will be something like:
Generated TOTP url: otpauth://totp/yourlabel?secret=JZKVCU2NGNNE6TSNGRKTEVSEKRDU4S2WJVKEIV2HKJEFGU2VIRIU4NKWKVJVCQI&algorithm=SHA256enter the secret value in your local .env file e.g.:
__TOTP_SECRET=JZKVCU2NGNNE6TSNGRKTEVSEKRDU4S2WJVKEIV2HKJEFGU2VIRIU4NKWKVJVCQI
You can also use other applications such as FreeOTP for OTP code generation.
node --env-file=./.env ./validate.js 320446
> TOTP token to validate: 320446
> Is the token valid? true