Authenticator key (TOTP) storage and use

Each website that supports Time-based One-time Password (TOTP) or Two-factor Authentication (2FA) with an "Authenticator" handles configuration slightly differently. You will need to start the setup from each individual website or service that you are accessing (e.g. google.com, github.com). The option to configure this will commonly be found under the "Security" options of your account.

The SecretSafe Android and iOS applications can make adding your TOTP key's easy by scanning a QR code to populate the field automatically.

Web Safe & Other Applications#

Create or edit a login item you wish to store your TOTP key with. In the field labeled "Authenticator Key (TOTP)", input the secret key that you are provided with and select save.

Mobile Applications#

Create or edit a login item you wish to store your TOTP key with. In the field labeled "Authenticator Key (TOTP)", select the "camera" icon. Scan the QR code you have been presented with and the field will be automatically populated. You can then save the changes.

Using Generated Codes#

The SecretSafe mobile applications and browser extension have the ability to automatically copy a TOTP code to your device clipboard after auto-fill. Auto-fill any item that has a TOTP key stored and submit the information. The service you are logging into will ask for a verification code. Use the paste function of your device to input the code and submit it.

tip

This feature can be toggled off under Settings โ†’ Options โ†’ Disable Automatic TOTP Copy.

warning

TOTP codes will not automatically copy to the system clipboard when "Enable Auto-fill On Page Load" is enabled in the browser extension.

Support for More Parameters#

Some services will use different parameters for their TOTP codes. SecretSafe will generate 6-digit codes using SHA-1 and rotate them every 30 seconds by default. SecretSafe can suport parameters digits (1-10), algorithm (SHA-1, SHA-256, and SHA-512), period (> 0) and secret (base32 key).

Example:

otpauth://totp/Test:me?secret=JBSWY3DPEHPK3PXP&algorithm=sha256&digits=8&period=60

Learn more about using otpauth:// uri's here: https://github.com/google/google-authenticator/wiki/Key-Uri-Format