SailOTP is a Sailfish Implementation of the Google-Authenticator algorithms, also known as TOPT (timer based) and HOTP (counter based) as described in RFC 6238 and 4226. A growing number of sites uses this algorithm for two-factor-authentication, including Github, Linode and several Google services.
One can add new OTP-entries using the pulley-menu. Codes can be added using the integrated QR-Code-Reader or by manually typing in the token information.
The main view of the app will show a list off all entries and their current One-Time-Tokens. The entries will be regenerated every 30 seconds, the remaining time for the current tokens is shown through a progress bar at the top of the app. HOTP-type tokens are not updated automatically, instead a refresh button is shown on the right of the token to calculate the next value and increment the counter. An entry can be edited, deleted or moved up and down in the list by long-pressing on it.
In edit-mode one can show a QR-Code of the entry (e.g. for importing it on another device) through the pulley menu.
One entry can be stared by tapping the star icon on the left. the stared item will be shown on the ActiveCover. If the Token is timer based, it will be refreshed every 30 seconds. 5 seconds before the token changes it's color will change to red. For counter based tokens a cover action to calculate the next token is shown instead. The item can be unstared by tapping the star icon again on the main view.
From the main view a token can be copied to the clipboard by tapping on it.
From the pulley menu the token database can be exported to a file for backup purposes. The backup is a AES-256-CBC encrypted and
Base64 encoded file containing a JSON-representation of the database. It can be decrypted with openssl using the following command:
openssl enc -d -a -aes-256-cbc -in <file>
if you need the information outside of SailOTP.
Importing the file is also possible from the pulley menu. If a file contains tokens that are already in the database (title and secret of the token match an existing one), these tokens will not be added again.
It is also possible to generate tokens for SteamGuard (Steams TOTP-Variant for 2-Factor-Auth). To use this feature, one will have to activate it using the original Steam Android app. After activating it one can get the secret code from '/opt/alien/data/data/com.valvesoftware.android.steam.community/files/Steamguard-$STEAMID'. This file contains json data, including the OTP-URL in the form 'otpauth://totp/Steam:$STEAM_USERNAME?secret=$SECRET&issuer=Steam'. The code from this URL can be added manually using the 'Steam Guard'-OTP-Type in SailOTP.
If you find any bugs or want to suggest a feature, feel free to use Githubs Issues feature or write an email to sailfish _AT_ seiichiro0185.org
Changelog:
Version 1.11.1
Version 1.11.0
Version 1.10.2
Version 1.10.1
Version 1.10.0
Version 1.9.4
Version 1.9.3
Version 1.9.2
Version 1.9.1
Version 1.9.0
Version 1.8.2
Version 1.8.1
Version 1.8.0
Version 1.7.2
Version 1.7.1
Version 1.7
Version 1.6
Version 1.5
Version 1.4
Version 1.3
Version 1.2
Version 1.1
Version 1.0
Version 0.8
Version 0.7
Version 0.6
Version 0.5
Version 0.4
Version 0.3
Version 0.2
Version 0.1
- Fix Empty Token List after Restart for New Installs.
Comments
vige
Thu, 2022/09/29 - 10:35
Permalink
Why is the "Copy to Clipboard" menu item hidden unless we have enabled "hide tokens" or "show tokens as qr"? Not a big deal, but I had to actually go and read the source code before realizing that the copy feature even exists.
seiichiro0185
Thu, 2022/09/29 - 10:45
Permalink
If you don't have one of these features (hide token and reveal on tap or show qr-code on tap) enabled there is no menu item because simply taping on the token will copy it to the clipboard. If another function is selected for taping on the token the menu item will appear to make copying still possible.
vige
Fri, 2022/09/30 - 12:22
Permalink
:-O I never realized that...
vige
Mon, 2021/02/22 - 10:08
Permalink
Hi, any chance of getting aarch64 build?
seiichiro0185
Mon, 2021/02/22 - 10:52
Permalink
When Sailfish IDE gets support for 4.0.1 and aarch64 targets, I'll look into it.
vige
Tue, 2021/03/30 - 09:11
Permalink
Well the support for 4.0.1 aarc64 target has been in the SDK since Feb 4th: https://forum.sailfishos.org/t/release-notes-sailfish-sdk-3-3/3289/5
The aarch64 targets just aren't installed by default, you need to either select them in the installer or maintenance tool, or use 'sfdk tools install SailfishOS-4.0.1.48-aarch64' from command line.
seiichiro0185
Wed, 2021/05/26 - 09:01
Permalink
Unfortunately I had some troubles with the SDK and installing the aarch64 Target. After finally getting it to work I have now added an aarch64 build here.
DrYak
Tue, 2022/06/07 - 12:44
Permalink
As a way to simplify building for other arches, would you consider adding SailOTP also the SailfishOS:Chum?
(the automatic build-from-source repo)
simosagi
Tue, 2021/01/19 - 10:46
Permalink
Hi. Since recently, probably from the update to 1.9.1, when I open SailOTP for a split second I see some text (something like 'Nothing here' ?) before my entries are shown.
Everything seems to work, but it's a little annoying (also because there is not enough time to fully read the message so one wonders what exactly that was)
Device is a Sony Xperia XA2, with SailfishOS 3.3
BTW: issue is still there in 1.9.2
seiichiro0185
Tue, 2021/01/19 - 17:55
Permalink
Because of the way loading of the tokens is implemented at the moment, SailOTP starts with the "Nothing here" message you see when no tokens are configured. Depending on how fast the tokens load, this screen might be visible for a split second before the tokens appear on screen.
This behaviour was also there in older version. Maybe the addition of search made loading "slow" enough to make this more visible since 1.9.
simosagi
Tue, 2021/01/19 - 18:50
Permalink
Ok, thanks.
I hope you can find a way to make displaying that message conditional to a first pass to check for existing tokens.
cartron
Wed, 2021/01/06 - 11:51
Permalink
wow, search functionnality, super nice!!! I was missing that, it was hard to scroll through all the items and find the correct one easily, this will definitely help, thanks!!!
explit
Tue, 2021/01/05 - 09:48
Permalink
Small cosmetic bug: About version still show: Version 1.8.1
seiichiro0185
Tue, 2021/01/05 - 11:36
Permalink
Oops, totally missed that one, thanks for the heads up. Will be fixed in 1.9.1.
muppis
Fri, 2020/05/01 - 11:38
Permalink
Works fine with Microsoft O365 MFA.
lra
Sat, 2020/05/16 - 19:18
Permalink
Hi.
I'm curious how did you get the O365 account working on Sailfish? Been trying for a while and all I can see is the mail folders (Inbox, Sent, etc.), but not able to download or send any messages.
MacGyver
Wed, 2019/10/30 - 16:35
Permalink
Would it be possible to add like a PIN code (and/or password) for starting the app and when focusing on it again? Would be nice to be able to protect the codes too.
Im guessing the token database is encrypted?
nobodyinperson
Wed, 2019/03/27 - 17:25
Permalink
Awesome app! Thank you very much!
MooCrumpus
Mon, 2019/03/18 - 14:06
Permalink
Can't import Amazone's QR Code.
donni106
Sun, 2019/04/07 - 21:03
Permalink
+1, same for me. It seems that the Amazon token is too long?
seiichiro0185
Sun, 2019/04/07 - 22:39
Permalink
I uploaded Version 1.8.2 which does fix the problem with Amazon Tokens for me. Please check if it also helps in your case.
donni106
Mon, 2019/04/08 - 18:00
Permalink
Thanks for your time and this rapid deployment. The new version works fine with Amazon.
Historyscholar
Sun, 2019/02/24 - 20:18
Permalink
Awesome
fravaccaro
Sun, 2019/01/20 - 03:38
Permalink
Is there any way to import andOTP databases?
seiichiro0185
Thu, 2019/01/24 - 22:44
Permalink
At the moment there is no import functionality for other OTP tools. The import function can only read SailOTPs own backup files.
Only way to Import is to get a way to extract the secrets from andOTP and import them manually (via adding them manually from the drop-down menu in the QR-Code scanner page)
Ygorr
Wed, 2018/05/23 - 22:48
Permalink
Does it support SecureAuth?
mousse04
Sun, 2018/06/17 - 14:48
Permalink
Unfortunately, no it doesn't support :(
seiichiro0185
Thu, 2018/05/24 - 06:55
Permalink
At the moment SailOTP supports the TOTP and HOTP standards (RFC 6238 and RFC 4226). Additionally it supports generation of Steam Authenticator Tokens. I don't know if SecureAuth uses one of the open OTP standards, if they do, it might be possible to generate tokens with SailOTP. I don't have access to any systems using SecureAuth, so I can't do any testing with it.
MooCrumpus
Tue, 2017/05/09 - 08:46
Permalink
It would be nice, when minimized - where you can carousel through the codes, to be able to copy the code to clipboard. Just the way OwnKeepass handles it.
pauligrinder
Thu, 2017/01/12 - 11:55
Permalink
The steam guard option doesn't seem to work. I succesfully added the secret code found in the original android app, but Steam doesn't accept codes generated by SailOTP :(
Pages