Cannot import from Google Authenticator about keepassotp HOT 13 CLOSED

• if multiple entries were exported, I'll reject the string as it's not clear which one to use

Sorry for the necroposting but I've just faced with the task of transferring Authenticator's export and I think the issue from the quote could be easily solved by asking a user to select corresponding KeePass entries for all entries from oauth-migration since doing this one by one is pretty tedious.

from keepassotp.

This could provide more information on how to decode that data:

• google/google-authenticator-android#118
• https://github.com/topics/otpauth-migration

from keepassotp.

I'll have a look, thanks for sharing the links.

from keepassotp.

To give you a heads-up...

Doing the conversion from otpauth-migration to otpauth is of course possible and I meanwhile have a parser for that (not yet released).

My current plan:

• User inputs the otpauth-migration string in the OTP setup
• data is converted and and saved if exactly one entry was exported
• if multiple entries were exported, I'll reject the string as it's not clear which one to use

A migration similar to migration from e.g. KeeOtp isn't possible

from keepassotp.

Alright, that sounds good. Now I'll have to find a QR reader for Windows so that I can read the code directly from the phone screen with my webcam without using a separate digital camera and other complicated hacks.

from keepassotp.

I have a working version (link to source)

Unfortunately this required me to include precompiled libraries as KeePass can't compile the plgx-file if I'm just using the nuget package to parse Google's proto format.

Please try the pre-release of v0.17 while I'm trying to change the library thing.
https://github.com/Rookiestyle/KeePassOTP/releases/tag/v.017

from keepassotp.

Thanks for the implementation. I've tried the 0.17 pre-release and it works well! The data can be imported and the generated codes work fine.

from keepassotp.

Thanks for your feedback.

The officially released version 0.17 has undergone an internal cleanup and in addition offers the option to drag&drop the Google Authenticator QR code in case you manage to save it as an image.

from keepassotp.

Thank you for the quick solution!

How does that drag&drop thing work and what can it do? I couldn't drop an arbitrary image file (.png) on the OTP setup dialog window. And I'll have problems getting the QR code out of the Google Authenticator app. It blocks screenshots and provides no other export methods. I had to use a QR code reader on another device, copy that content via clipboard into a file, transfer that file and then copy&paste from a text editor into that dialog window. That's complicated and opens several security holes of potential data leaks. Do you think it would be possible for the OTP plugin to use a local camera directly and scan the QR code from the phone screen? I don't know how compatible and complex that is.

from keepassotp.

I created a small wiki page: Import from Google Authenticator
It describes very briefly how to import data.
I tested both ways successfully

• Scanning the code with a 2nd smartphone and then using the text shown by the QR code scanner app
• Using scrcpy on my computer, making a screenshot on my computer and using drag&drop - of course, I needed to cut the screenshot to only contain the QR code and not my entire desktop

The OTP setup form of KeePassOTP shows a small QR code.
This serves as drag&drop target and you can use it for QR code files stored on your local compute or for images shown on websites.

I also released v0.18 which can handle Google Authenticator QR codes containing QR more than 1 account

If drag&drop is not working for you I propose to raise a new issue and provide some more details.
It would be great if you can attach the picture that you could not use.
Of course you should create a dummy entry in your Google Authenticator and attach the QR code of this :)

from keepassotp.

Adding direct access to hardware devices is beyond the scope of this plugin.
It would be dependant on hardware / drivers / OS.

If scrcpy is not working and you're concerned about security (which is good), please consider sending the file in an encrypted way (mail clients using PGP or something similar)

from keepassotp.

Okay, the wiki page explains it. Except that it doesn't mention where to drop the dragged file. It's important to drop it on that icon, elsewhere won't work. I didn't understand this before your explanation, so I consider it non-intuitive.

scrcpy looks like a complicated debugging environment tool. It needs certain device setup (adb...) and special connections. Not something I'd use for occasional use. I've already got Microsoft's "Your Phone" app but it suffers from the same no-screenshots-allowed restrictions as probably any other remote screen software.

I'm less concerned about transferring the file (in my local LAN) than about the clipboard operations. You know that lots of apps are constantly spying on the clipboard, as has been discovered recently on iOS due to an OS warning if that happens in the background. I'd wish Android had that warning, too. Windows won't help here certainly. But the clipboard is often the only way to get recognised QR codes out of the reader app.

I'm still looking for a good QR reader for Windows that can also use my USB webcam. There's an image decoding library (ZXing.Net) but the camera part seems harder for non-UWP (desktop) apps.

Maybe it'll work to use the Windows built-in camera app and drag the image file onto your dialog. I'll try that next time.

from keepassotp.

scrcpy looks like a complicated debugging environment tool. It needs certain device setup (adb...) and special connections. Not something I'd use for occasional use. I've already got Microsoft's "Your Phone" app but it suffers from the same no-screenshots-allowed restrictions as probably any other remote screen software.

I used the prebuilt package as suggested in scrcpy's readme:

For Windows, for simplicity, a prebuilt archive with all the dependencies (including adb) is available

I downloaded and extracted it, activated USB debugging on my phone and connected it to my computer using USB. After starting scrcopy-noconsole.exe my smartphone's display was shown on my computer.

from keepassotp.