How to Install TOTP (Time-based One-time Password) on Linux

TOTP (Time-based One-Time Password) is a widely used 2FA method that generates a time-sensitive code for added security. This guide will walk you through the process of installing, configuring, and utilizing the powerful totp-cli tool on your Ubuntu system to manage your TOTP tokens with ease.

Understanding the Need for TOTP and totp-cli

TOTP codes add an extra layer of protection to your accounts. They work by generating unique, time-sensitive codes that are valid for a short period, typically 30 seconds. This ensures that even if someone gains access to your password, they won't be able to log into your account without the accompanying TOTP code.

totp-cli is a command-line tool specifically designed to manage TOTP tokens on your Ubuntu machine. It provides a convenient and efficient way to add, generate, backup, and restore your TOTP secrets, keeping your accounts secure and your login process streamlined.

Step 1: Installing Go - The Foundation for totp-cli

totp-cli is built using the Go programming language, so it's crucial to have Go installed on your Ubuntu system before proceeding. Here's how to do it:

1. Update Your System: Begin by ensuring that your system is up to date. Open a terminal window and run the following command:

         sudo apt update
       

   
   

2. Install Go: Now, install Go by executing the following command:

         sudo apt install golang-go
       

   
   

   This will download and install Go on your Ubuntu system.

Step 2: Installing totp-cli - Bringing Security to the Command Line

With Go installed, you're ready to install totp-cli:

1. Download and Install totp-cli: Use the following command to install totp-cli:

         go install github.com/agrinman/totp-cli@latest
       

   
   

2. Setting the Go Path (Optional): In some cases, Go may not be automatically added to your system's path. If you encounter issues running totp-cli, you need to add it manually. Open your '.bashrc' file (located in your home directory) and add the following line:

         export PATH=$PATH:$HOME/go/bin
       

   
   

3. Reload Your Terminal: To apply the changes you made to your '.bashrc' file, execute the following command:

         source ~/.bashrc
       

   
   

Step 3: Configuring totp-cli - Adding and Managing Your TOTP Secrets

Now that you have totp-cli installed, it's time to start adding your TOTP secrets. These are the unique codes you receive from the services or applications you want to secure with 2FA.

1. Adding a New TOTP Secret: To add a new TOTP secret, use the following command:

         totp-cli add "My Account" YOUR_SECRET
       

   
   

   • Replace "My Account" with a descriptive name for your account (e.g., "Gmail," "Facebook," "Dropbox").

   • Replace YOUR_SECRET with the actual TOTP secret code that you received from the service.

2. Listing Your TOTP Accounts: To see all the TOTP accounts you have added, use the following command:

         totp-cli list
       

   
   

   This will display a list of your accounts and their corresponding secrets.

3. Generating a TOTP Code: To generate a time-based code for a specific account, use this command:

         totp-cli generate "My Account"
       

   
   

   This will display the current TOTP code for your "My Account" entry. Remember that these codes expire quickly, so use them immediately.

Step 4: Backing Up Your TOTP Secrets - Ensuring Security and Recovery

It's essential to create regular backups of your TOTP secrets to prevent data loss in case of hardware failure or accidental deletion.

1. Creating a Backup: Use the following command to back up all your TOTP secrets to a JSON file named 'backup.json':

         totp-cli dump > backup.json
       

   
   

   • Store the 'backup.json' file in a safe and secure location, ideally on an external drive or cloud storage.

Step 5: Restoring Your TOTP Secrets - Getting Back on Track

If you ever need to restore your TOTP secrets, for example, on a new computer, follow these simple steps:

1. Importing the Backup: Use the following command to import your backup file:

         totp-cli import < backup.json
       

   • This will load all the TOTP secrets from your 'backup.json' file, restoring access to your accounts.

Conclusion

totp-cli is a powerful and user-friendly command-line tool that makes managing your TOTP secrets on Ubuntu a breeze. By following this guide, you've learned how to install, configure, add secrets, generate codes, back up, and restore your TOTP tokens, ensuring that your accounts are protected with an extra layer of security. Remember to back up your secrets regularly, ensuring you can access your accounts even in unforeseen circumstances. With totp-cli, you can confidently navigate the digital world with peace of mind, knowing your accounts are protected with the most robust security measures available.