PyOTP generated codes do not match with Google Authenticator generated codes

P

6

7

I want to implment 2FA code generated by Google Authenticator in Python

The app Google Authenticator on Google Play generates 2-Step Verification for the services needed.

I've setup 2FA on my Google Account, they provided me the secret code in this form "bsnz bwpn tji6 flto 5enn 6vd4 wji7 aaaa", with noted "spaces don't matter"

So, I tried the following code in Python, but it does not work.

In Google Authenticator, I choosed "Time Based" already

The time on my computer, where script below running is the same as in my phone, where the Google Authenticator app is installed.

import pyotp, base64
totp = pyotp.TOTP( base64.b32encode("bsnz bwpn tji6 flto 5enn 6vd4 wji7 aaaa") )
print "Current OTP:" + totp.now()

The codes generated by Google Authenticator App and my code does not match.

What am I doing wrong ?

Pretorius answered 7/11, 2019 at 8:31 Comment(0)

S

4

You need to scan qr code generated with a qr code scanner. you will get something like:

'otpauth://totp/testegmail.com?secret=MYSECRET&issuer=Google'

That's correct secret.

Sulla answered 12/12, 2019 at 17:16 Comment(2)

Works only on smartphones (that have Google Authenticator installed) – Chromite 27/9, 2020 at 8:13

@Sulla I am also facing the issue like code generated from the script not matching with code generated on the mobile authenticator app. Please let me know if you got the solution for this. Thanks – Clothier 31/3 at 6:50

V

1

First decode your key in format protobuf to the required otpauth format using the go tool mentioned in the below link.

https://github.com/dim13/otpauth/releases/tag/v0.4.2

Extract the binary and go to the directory.

./otpauth -link "otpauth-migration://offline?data=CjEKCkhlbGxvId6tvu8SGEV4YW1wbGU6YWxpY2VAZ29vZ2xlLmNvbRoHRXhhbXBsZTAC"

Then use the output of the first command in the pyotp to generate OTP.

import pyotp

totp=pyotp.parse_uri('otpauth://totp/Example:[email protected]?issuer=Example&period=30&secret=JBSWY3DPEHPK3PXP')

totp.now()

Virgel answered 21/6, 2022 at 19:38 Comment(0)

T

0

Remove spaces in the secret, pyOTP may not take care of this

Typewriting answered 13/12, 2019 at 12:48 Comment(0)

E

0

Apparently most common reason for "Incorrect Code" errors is that the time on your Google Authenticator app is not synced correctly. I had the same issue, was to solve it by syncronising the time on my machine.

I found this by checking this link: https://bigone.zendesk.com/hc/en-us/articles/115002361133-Why-My-Two-Factor-Authenticator-Doesn-t-Work-Incorrect-Code-Errors-#:~:text=The%20most%20common%20cause%20for,on%20the%20Google%20Authenticator%20app

Ethereal answered 22/12, 2023 at 0:3 Comment(0)

P

0

I'm still trying to figure this one out actually, but I did find out that PYotp does expect the string to be uppercase and no spaces is better if you're storing in a .env file. Hope that might help the odd researcher.

Prandial answered 9/5 at 5:53 Comment(0)

S

0

I also faced similar issue today. It was very strange for me as my code was working till yesterday. By a close look, I observed that my pyotp was generating the same code as google authenticator, however, google authenticator was one code ahead of pyotp.

I sync my date time on windows machine, verified with link: https://time.is/ This made the two otp generator work in timesync manner. This doesn't require any change, but in panic, I changed my old keys. :)

Spondee answered 28/5 at 6:16 Comment(0)

Recommended topics

Hot tags