pyotp.TOTP code doesn't match authenticator code

Question

I'm trying to use python's support for TOTP to programmatically get the MFA/2FA code available in the Microsoft authenticator application. My code looks like this:

import pyotp
import base64
secret = "mysecretkeyhere".encode( "UTF-8" )
b32Secret = base64.b32encode( secret )
totp = pyotp.TOTP( b32Secret ).now()
print( totp )

The mysecretkeyhere is from scanning the QR code/key, and is of the format

"otpauth://totp/namehere?secret=16digitsecrethere&issue=issuerhere&algorithm=SHA1&digits=6"

When I run this code segment and compare with the 6-digit code in my authenticator application, the generated code in my application and the authenticator app don't agree. The codes don't overlap on a time-delay, either (tested with a while loop that does the bottom two lines repeatedly).

Any suggestions as to how to get the TOTP function to return the same code that's in my authenticator app? Thanks in advance.

score 0 · Answer 1 · answered Jan 21 '22 at 18:11

I'm currently on another issue with pyotp - and so found your problem.

You have a secret, that is an OTP-URI which should simply be parsed. According to documentation:

#!/usr/bin/env python

import pyotp

otp_uri = 'otpauth://totp/namehere?secret=16digitsecrethere&issue=issuerhere&algorithm=SHA1&digits=6'
otp     = pyotp.parse_uri( otp_uri )

print( otp.now() )

Hope that still supports your needs =)
Best
macwinnie

pyotp.TOTP code doesn't match authenticator code

1 Answers1