1

I am searching for a way to obtain the current code in my Google Authenticator app. for a specific account.

Please note that I'm not looking for embedding Google 2FA to any of server-side application - I guess it has been already well-documented.

I am trying to get the same current code shown in my own Google 2FA app. (by providing my Google credientials ofcourse) so I can make my app fully automated even when logging in (to a specific system/website) without asking for the code each time I start the app.

Thanks by now.

UPDATE: Even if I can't find any answer or simply "there is no way", there is still a way even if it's too ugly.

Running an ios/android simulator (and configure it once by installing the Google Auth app) and simulate the mouse clicks over it and then capturing a screenshot and decoding the code from the image would be much of a work but also can actually work. I'm just trying to find a better way, if there is any.

Roni Tovi
  • 828
  • 10
  • 21
  • I'm guessing this is not possible because you would basically be bypassing MFA. – Neil Feb 07 '22 at 12:27
  • 1
    What you would need is the key that is only visible when you create/add the token to (Google) authenticator, then run this through the TOTP algorithm. Just because you can doesn't mean you should though, you risk exposing the secret key – phuzi Feb 07 '22 at 13:02
  • thank you, it worked. much easier than my dirty solution – Roni Tovi Feb 07 '22 at 15:35

1 Answers1

2

You could solve this by generating the OTP code locally using a library such as OTP.Net. Simply save the secret locally, and add it to .gitignore if using git.

Then you can make a code on demand like so:

using OtpNet;
var totp = new Totp(secretKey);
var totpCode = totp.ComputeTotp();
Julian Silden Langlo
  • 334
  • 2
  • 12