Foil Auth

Rating: 
5
Your rating: None Average: 5 (21 votes)

Secure OTP (One-Time Password) generator for Sailfish OS.

Foil Auth keeps secret authentication keys encrypted with your Foil password. Supports time-based (TOTP), counter-based (HOTP) and Steam passwords. Tokens can be shared and imported via QR codes.

Foil password (and the RSA encryption key ~/.local/share/foil/foil.key) is shared with Foil Pics and Foil Notes. Encrypted authentication keys for OTP generation are stored in ~/Documents/FoilAuth.

The format of the encrypted file is described here.

Note that you can add your encrypted files and the Foil key to the backup with the help of My Backup app.

Source code: https://github.com/monich/harbour-foilauth

Screenshots: 
Application versions: 
AttachmentSizeDate
File harbour-foilauth-1.1.10-1.aarch64.rpm372.37 KB10/10/2024 - 02:34
File harbour-foilauth-1.1.10-1.armv7hl.rpm325.58 KB10/10/2024 - 02:34
File harbour-foilauth-1.1.10-1.i486.rpm390.09 KB10/10/2024 - 02:34
File harbour-foilauth-1.1.9-1.aarch64.rpm359.37 KB22/07/2023 - 06:32
File harbour-foilauth-1.1.9-1.armv7hl.rpm331.7 KB22/07/2023 - 06:32
File harbour-foilauth-1.1.9-1.i486.rpm377.38 KB22/07/2023 - 06:32
File harbour-foilauth-1.1.8-1.aarch64.rpm359.54 KB22/07/2023 - 06:02
File harbour-foilauth-1.1.8-1.armv7hl.rpm331.51 KB22/07/2023 - 06:02
File harbour-foilauth-1.1.8-1.i486.rpm377.66 KB22/07/2023 - 06:02
File harbour-foilauth-1.1.7-1.aarch64.rpm358.48 KB07/05/2023 - 20:23
File harbour-foilauth-1.1.7-1.armv7hl.rpm330.58 KB07/05/2023 - 20:23
File harbour-foilauth-1.1.7-1.i486.rpm376.6 KB07/05/2023 - 20:23
File harbour-foilauth-1.1.6-1.aarch64.rpm347.88 KB14/04/2023 - 22:02
File harbour-foilauth-1.1.6-1.armv7hl.rpm319.5 KB14/04/2023 - 22:02
File harbour-foilauth-1.1.6-1.i486.rpm364.58 KB14/04/2023 - 22:02
File harbour-foilauth-1.1.5-1.aarch64.rpm346.14 KB15/01/2023 - 06:22
File harbour-foilauth-1.1.5-1.armv7hl.rpm317.69 KB15/01/2023 - 06:22
File harbour-foilauth-1.1.5-1.i486.rpm362.39 KB15/01/2023 - 06:22
File harbour-foilauth-1.1.4-1.aarch64.rpm331.35 KB26/09/2022 - 20:00
File harbour-foilauth-1.1.4-1.armv7hl.rpm303.98 KB26/09/2022 - 20:00
File harbour-foilauth-1.1.4-1.i486.rpm347 KB26/09/2022 - 20:00
File harbour-foilauth-1.1.3-1.aarch64.rpm332.16 KB17/08/2022 - 02:32
File harbour-foilauth-1.1.3-1.armv7hl.rpm303.84 KB17/08/2022 - 02:32
File harbour-foilauth-1.1.3-1.i486.rpm346.76 KB17/08/2022 - 02:32
File harbour-foilauth-1.1.2-1.aarch64.rpm321.5 KB25/07/2022 - 04:57
File harbour-foilauth-1.1.2-1.armv7hl.rpm292.19 KB25/07/2022 - 04:57
File harbour-foilauth-1.1.2-1.i486.rpm335.18 KB25/07/2022 - 04:57
File harbour-foilauth-1.1.1-1.aarch64.rpm365.23 KB13/06/2022 - 04:58
File harbour-foilauth-1.1.1-1.armv7hl.rpm328.79 KB13/06/2022 - 04:58
File harbour-foilauth-1.1.1-1.i486.rpm372.66 KB13/06/2022 - 04:58
File harbour-foilauth-1.1.0-1.aarch64.rpm364.06 KB20/03/2022 - 21:13
File harbour-foilauth-1.1.0-1.armv7hl.rpm327.55 KB20/03/2022 - 21:13
File harbour-foilauth-1.1.0-1.i486.rpm370.51 KB20/03/2022 - 21:13
File harbour-foilauth-1.0.21-1.aarch64.rpm364.35 KB15/11/2021 - 02:26
File harbour-foilauth-1.0.21-1.armv7hl.rpm327.73 KB15/11/2021 - 02:26
File harbour-foilauth-1.0.21-1.i486.rpm372.17 KB15/11/2021 - 02:26
File harbour-foilauth-1.0.20-1.aarch64.rpm364.29 KB05/11/2021 - 04:45
File harbour-foilauth-1.0.20-1.armv7hl.rpm721.42 KB05/11/2021 - 04:45
File harbour-foilauth-1.0.20-1.i486.rpm843.93 KB05/11/2021 - 04:45
File harbour-foilauth-1.0.19-1.aarch64.rpm363.92 KB10/10/2021 - 21:43
File harbour-foilauth-1.0.19-1.armv7hl.rpm327.26 KB10/10/2021 - 21:43
File harbour-foilauth-1.0.19-1.i486.rpm370.8 KB10/10/2021 - 21:43
File harbour-foilauth-1.0.18-1.aarch64.rpm369.01 KB30/07/2021 - 21:13
File harbour-foilauth-1.0.18-1.armv7hl.rpm331.71 KB30/07/2021 - 21:13
File harbour-foilauth-1.0.18-1.i486.rpm375.73 KB30/07/2021 - 21:13
File harbour-foilauth-1.0.17-22.1.aarch64.rpm353.09 KB18/04/2021 - 00:26
File harbour-foilauth-1.0.17-22.1.armv7hl.rpm309.04 KB18/04/2021 - 00:26
File harbour-foilauth-1.0.17-22.1.i486.rpm361.11 KB18/04/2021 - 00:26
File harbour-foilauth-1.0.16-21.1.aarch64.rpm348.66 KB23/02/2021 - 20:07
File harbour-foilauth-1.0.16-21.1.armv7hl.rpm305.05 KB23/02/2021 - 20:07
File harbour-foilauth-1.0.16-21.1.i486.rpm357.06 KB23/02/2021 - 20:07
File harbour-foilauth-1.0.15-20.1.aarch64.rpm346.32 KB23/02/2021 - 05:19
File harbour-foilauth-1.0.15-20.1.armv7hl.rpm304.09 KB09/01/2021 - 07:06
File harbour-foilauth-1.0.15-20.1.i486.rpm355.31 KB09/01/2021 - 07:06
File harbour-foilauth-1.0.14-19.1.armv7hl.rpm303.1 KB20/12/2020 - 06:53
File harbour-foilauth-1.0.14-19.1.i486.rpm354.77 KB20/12/2020 - 06:53
File harbour-foilauth-1.0.13-18.1.armv7hl.rpm301.55 KB11/12/2020 - 06:45
File harbour-foilauth-1.0.13-18.1.i486.rpm353.98 KB11/12/2020 - 06:45
File harbour-foilauth-1.0.12-17.1.armv7hl.rpm302.42 KB30/11/2020 - 18:17
File harbour-foilauth-1.0.12-17.1.i486.rpm353.5 KB30/11/2020 - 18:17
File harbour-foilauth-1.0.11-16.1.armv7hl.rpm300.52 KB16/11/2020 - 13:58
File harbour-foilauth-1.0.11-16.1.i486.rpm352.83 KB16/11/2020 - 13:58
File harbour-foilauth-1.0.10-15.1.armv7hl.rpm300.43 KB16/11/2020 - 03:39
File harbour-foilauth-1.0.10-15.1.i486.rpm352.43 KB16/11/2020 - 03:39
File harbour-foilauth-1.0.9-14.1.armv7hl.rpm299.11 KB13/10/2020 - 01:29
File harbour-foilauth-1.0.9-14.1.i486.rpm351.27 KB13/10/2020 - 01:29
File harbour-foilauth-1.0.8-12.1.armv7hl.rpm300.59 KB08/10/2020 - 02:23
File harbour-foilauth-1.0.8-12.1.i486.rpm353.29 KB08/10/2020 - 02:23
File harbour-foilauth-1.0.7-11.1.armv7hl.rpm298.25 KB03/01/2020 - 19:39
File harbour-foilauth-1.0.7-11.1.i486.rpm350.45 KB03/01/2020 - 19:39
File harbour-foilauth-1.0.6-10.1.armv7hl.rpm297.09 KB12/11/2019 - 03:02
File harbour-foilauth-1.0.6-10.1.i486.rpm348.5 KB12/11/2019 - 03:02
File harbour-foilauth-1.0.5-9.1.armv7hl.rpm289.9 KB22/04/2019 - 13:06
File harbour-foilauth-1.0.5-9.1.i486.rpm340.12 KB22/04/2019 - 13:06
File harbour-foilauth-1.0.4-8.1.armv7hl.rpm289.68 KB13/04/2019 - 00:41
File harbour-foilauth-1.0.4-8.1.i486.rpm339.26 KB13/04/2019 - 00:41
File harbour-foilauth-1.0.3-7.1.armv7hl.rpm288.45 KB11/04/2019 - 15:03
File harbour-foilauth-1.0.3-7.1.i486.rpm337.9 KB11/04/2019 - 15:03
File harbour-foilauth-1.0.2-6.1.armv7hl.rpm287.17 KB11/04/2019 - 01:18
File harbour-foilauth-1.0.2-6.1.i486.rpm336.38 KB11/04/2019 - 01:18
File harbour-foilauth-1.0.1-5.1.armv7hl.rpm285.06 KB10/04/2019 - 18:37
File harbour-foilauth-1.0.1-5.1.i486.rpm335.06 KB10/04/2019 - 18:37
File harbour-foilauth-1.0.0-4.1.armv7hl.rpm284.31 KB10/04/2019 - 14:46
File harbour-foilauth-1.0.0-4.1.i486.rpm333.54 KB10/04/2019 - 14:46
Changelog: 
  • 1.1.10 (Oct 10 2024)
    - Do not run the countdown timer at startup
    - Added UI for configuring auto-lock delay
    - Use wakeup timer for auto-lock
    - Allow to scan QR code with the front camera
  • 1.1.9 (Jul 22 2023)
    - Fixed countdown timer on the cover page
  • 1.1.8 (Jul 22 2023)
    - Actually use timeshift
    - Fixed couple of Steam token issues
  • 1.1.7 (May 7 2023)
    - Added support for Steam variant of TOTP
  • 1.1.6 (Apr 14 2023)
    - Improved QR code scanning
    - Slightly redesigned QR code page
    - Request focus for password field at startup
    - Updated Swedish translation (Åke Engelbrektson)
  • 1.1.5 (Jan 15 2023)
    - Support for token groups
    - New UI for reordering tokens
    - Updated Polish translation (Atlochowski)
  • 1.1.4 (Sep 26 2022)
    - Fixed a problem with import via QR code
  • 1.1.3 (Aug 17 2022)
    - Implemented import of multiple tokens
    - Freshened up the UI
    - Removed MD5 support
  • 1.1.2 (Jul 25 2022)
    - Tweaked token creation workflow
    - Switched QR-code decoding from zxing to zbar
    - Properly support non-ASCII labels
  • 1.1.1 (Jun 13 2022)
    - Allow to turn autolock off
  • 1.1.0 (Mar 20 2022)
    - Opt out of sandboxing (no more Jolla Store updates!)
    - Improved QR code scanning performance
    - Minor UI tweaks
    - Added Chum metadata
                                                  
    • 1.0.21 (Nov 15 2021)
      - Load libcrypto.so dynamically
    • 1.0.20 (Nov 5 2021)
      - Link OpenSSL 1.0 statically for compatibility with Sailfish OS 4.3
      - Updated Polish translation (Atlochowski)
      - Tweaked selection page
    • 1.0.19 (Oct 10 2021)
      - Support for HOTP (counter-based) passwords
      - Copy password to clipboard on tap
    • 1.0.18 (Jul 30 2021)
      - Allow to choose HMAC digest algorithm
      - Generate QR codes with lower error correction level
      - Reworked QR code scan UI transitions
      - Don't ignore issuer of scanned tokens
      - Export or delete multiple tokens at once
    • 1.0.17 (Apr 18 2021)
      - Support for reading otpauth-migration QR-codes
    • 1.0.16 (Feb 23 2021)
      - Hungarian translation (@1Zgp)
    • 1.0.15 (Jan 9 2021)
      - Tweaked remorse items a bit
      - Integration with My Backup
    • 1.0.14 (Dec 20 2020)
      - Fixed flashlight
    • 1.0.13 (Dec 11 2020)
      - Fixed QR code scanning on Sailfish OS 4.0
      - Updated libqrencode to v4.1.1
    • 1.0.12 (Nov 30 2020)
      - Added "Show QR code" context menu item
      - Display QR code full screen when it's tapped
    • 1.0.11 (Nov 16 2020)
      - Updated Polish translation (Atlochowski)
    • 1.0.10 (Nov 15 2020)
      - Adapted to recent changes in Sailfish OS
      - Polished landscape layouts
    • 1.0.9 (Oct 12 2020)
      - Fixed a problem with initial update of current passwords
      - More dialog titles
    • 1.0.8 (Oct 7 2020)
      - Added German translation (Samuel Kron)
      - Use stronger SHA256 digest for signature
      - Tweaked password change UI
    • 1.0.7 (Jan 3 2020)
      - Support for scanning inverted QR codes
      - Autolock is delayed by 15 seconds
      - Miscellaneous UI tweaks
    • 1.0.6 (Nov 12 2019)
      - Freshened up the UI
    • 1.0.5 (Apr 22 2019)
      - Query the actual maximum zoom from the camera
      - Improved French (Quentí) and Polish (Atlochowski) translations
    • 1.0.4 (Apr 12 2019)
      - French translation (Quentí)
    • 1.0.3 (Apr 11 2019)
      - Swedish translation (Åke Engelbrektson)
    • 1.0.2 (Apr 11 2019)
      - Chinese translation (@dashinfantry)
    • 1.0.1 (Apr 10 2019)
      - Polish translation (Atlochowski)
    • 1.0.0 (Apr 10 2019)
      - Initial version

    Comments

    myjollaph's picture

    Hi, I love this App and use it on daily bases -> thanks so much
    One thing though, and sorry if you've already answered/explained this earlier, but I was wondering if it could be possible to store the content of ~/Documents/FoilAuth on the SD card instead of the phone or do you think that if I create a sym link it would still work, even after reboot? Cheers

    slava's picture

    Symlink should work as long as the target directory/volume is there.

    poetaster's picture

    Just a big thank you. As is true for all your apps, it's as nice under the hood as it is to use!

    slava's picture

    You're welcome)

    mp0's picture

    The worst application I used. Lost a lot of accounts because of using it. It asks for password, which I forget after 1 minute. Next day, I need to create a new password, because the previous one is forgotten. And this lasts for months.

    ade's picture

    SailOTP (https://openrepos.net/content/seiichiro0185/sailotp) is an alternative without a password.

    slava's picture

    Yeah, the whole point of this one is to protect OTP secrets with a password. Which some may argue isn't that important if you have the entire user partition encrypted (mine isn't).

    slava's picture

    This app is not intended to be used by people who can't remember their passwords))

    poetaster's picture

    Just wanted to note that fail auth works really well. Thanks!

    jolla4ever's picture

    @slava, a must have programm. Thank you very much!

    slava's picture

    If Foil Auth settings page doesn't show up, you may have to fix /usr/share/jolla-settings/pages/ApplicationsGrid.qml (look for root.openSandboxed) or you can modify /apps/harbour-foilauth/autoLock from the command line e.g. dconf write /apps/harbour-foilauth/autoLock false. Sadboxing may have messed things up in the application settings area too.

    norayr's picture

    3vixan, i did that once and it worked.

    lqramen's picture

    SF 4.3, cannot install due to missing libcrypto.so.1

    lpr's picture
    slava's picture

    I swear I didn't delete it)) Seriously speaking, it looks like I have no choice but to link openssl statically in order to keep the app compatible with both systems not having libcrypto.so.10 and those not having libcrypto.so.1.1 which sadly will make the app HUGE. That sucks. It really does. Especially considering that libcrypto.so.10 was allowed in Jolla Store.

    In the meantime, you can find a build linked against your favorite release from Chum. With the introduction of SFOS 4.3, releases are no longer backward compatible. It's hard to describe how I detest that.

    lpr's picture

    another round here: no, don't do that but link dynamically to openssl1.1 and jolla1 users just install openssl from here: https://openrepos.net/content/lpr/curl

    slava's picture

    And another round here: Chum is your friend if you want an armv7hl build linked against openssl1.1. There's nothing wrong with linking openssl1.0 or anything else statically if it's not part of the OS anymore.

    lpr's picture

    to all SFOS users: please update your openssl.

    Then a version linked against 1.1.1 is backward compatible

    slava's picture

    Oh come on. A version dynamically linked with openssl1.1 can't be backward compatible with the systems which don't have openssl1.1.

    lpr's picture

    just install 1.1 then it is

    slava's picture

    I can't do it for the user. And if the user is skilled enough to do it, then he/she must be skilled enough to install a variant of my app linked against openssl1.1 from already mentioned Chum. Right?

    I did consider statically linking openssl1.1, but it didn't compile out of the box against sufficiently old SDK. So it's not as trivial as you're trying to make it sound.

    3vixan's picture

    Can I copy the last key file in another SFOS phone and reload the OTPs?

    slava's picture

    If you copy the key ~/.local/share/foil/foil.key and encrypted files from ~/Documents/FoilAuth to another phone, the secrets should get loaded. Note, however, that if you overwrite ~/.local/share/foil/foil.key with a different one, you lose access to the secrets encrypted with the old key. Be careful.
    Another (and safer) way to transfer OTP secrets between devices is a QR code - show it on one device and then read from the other, that works between devices with different keys. There is even a bulk sharing function on the Select page. No bulk import though (yet).

    cquence's picture

    I had to download the aarch64 rpm from the github page, somehow it was not available through Openrepos. Thanks for this great app. Migration from XA2 was easy using the QR code

    slava's picture

    Strange, aarch64 rpm is available from this page too. Anyway, I'm glad that you've got it installed one way or the other. Cheers!

    MacGyver's picture

    Just wondering, if you ever thought of having a way to backup things to SD card from app itself?
    Now I have a script, that creates a backup of the files on my SD card, but its a bit of a hassle.

    slava's picture

    Yes, I did think about it (and even drafted a prototype) but decided to write a separate backup app instead, which would cover all my Foil apps at once and possibly any custom user-specified dconf/filesystem entries in addition to that. But that app isn't ready yet.

    MacGyver's picture

    Ok, cool, I will keep my eyes open for it then :)

    MacGyver's picture

    Are you adding HOTP support in near future? Id like to use this app instead of SailOTP, just cause it has the codes behind encrypted password and not open to everyone like SailOTP if they get access to phone.
    I guess no need for import/export, cause you can just copy the ~/Documents/FoilAuth file? Do I need to backup the ~/.local/share/foil/foil.key file too? Just wanna know how correctly backup things, if anything bad happens to phone!
    I have multiple Jolla devices and would like to copy tokens to those too. How can I accomplish this?

    slava's picture

    You mean counter-based OTP? That shouldn't be too hard, I just wasn't sure if anyone is using that.

    As for backup/export, yes you need both ~/Documents/FoilAuth directory and ~/.local/share/foil/foil.key file - the latter is the RSA private key required for decrypting your tokens (the key itself being AES-encrypted with your password)

    Pages