ikenndac / tofu Goto Github PK
View Code? Open in Web Editor NEWAn easy-to-use two-factor authentication app for iOS
Home Page: https://tofuauth.com
License: ISC License
An easy-to-use two-factor authentication app for iOS
Home Page: https://tofuauth.com
License: ISC License
I understand that tofu syncs with apple keychain. Is it feasible that tofu can backup to a custom git server? I run linux and doing backups isnt officially supported, so I try to use apps that sync to a git server I trust. Pass for iOS does this. Can tofu as well? Pss supports TOTP but passwords and totp in the same repo is a bad idea.
Hi! Could you please add an icon for Example?
Their website is at https://ctemplar.com/
When scanning their QR code with Tofu, the account issuer shows up as Example.
Is there a way to backup the codes? This is a needed feature - in case of device loosing or device changing.
A good solution is implemented here: https://github.com/andOTP/andOTP
It'd be nice to be able to change the color of the letter and background for items without an icon.
It would be nice if TOFU would register itself as a URL handler for the otpauth:// scheme, just like the Google Authenticator app does. This would allow you to click on a otpauth:// link in e.g. a text message, and have the app automatically open and add the token (maybe after a confirmation).
I believe most of the logic is already implemented for decoding a QR-code, only the registration with iOS for otpauth:// URLs is missing.
Is it possible to get icons for Reddit, Snapchat and Instagram? Not sure how to do it myself, happy to do so though if someone can point me in the right direction.
Love the app!
Would you consider implementing a dark theme for the app? (sort of goes against the feel of "Tofu" but it's still a nice-to-have)
When will you add Passcode/Touch ID when opening the app to the Tofu Authenticator app?
I would like to see a icon added for Hey.com - a new email service.
I not sure how to do it myself, but hopefully some helpful soul can assist.
I found their logo as SVG here:
https://hey.com/assets/general/hand-peace-8b40e9460a1ae55d834563cc1cdc8b4aef606e58241d244f0468cb59442911a4.svg
In Tofu the service is listed as: "HEY ([email protected])"
Thanks in advance!
Steam Guard uses custom TOTP codes that consist of five letters. It would be nice to have support for them in Tofu!
Here's a JS implementation of their algorithm if that helps: https://github.com/DoctorMcKay/node-steam-totp
Many sites allow themselves to be installed as a web-app with additional benefits on iOS. These webapps fetch their icon from a specific endpoint:
https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html
An example of this would be https://tweakers.net/apple-touch-icon.png - although this specific image is slightly too small to be used with Tofu acccording to the README.
Perhaps the ability to add URLs to entries may be considered, upon which Tofu would be able to try these endpoints (on user consent, of course). Or the ability to "import" icons from URLs like that or from the filesystem?
An added benefit of using external icons is that there would be no need to include logos in this repository, which might pose a copyright issue.
It'd make transferring easier so I do not have to have a lock on all of my accounts for 30 days because I changed the auth app
Given that there's no action when you click on a row, it would be cool if clicking automatically copied the token (this is what the Google Auth app does).
That way, I'd not have to press-and-hold and then select Copy
Hi! Could you please add an icon for Example?
Their website is at https://www.twitch.tv/.
Thanks a lot for this great app!
I have an iPhone 5S, so I can't run iOS 13. It appears that previous versions of Tofu worked on iOS 12--would you mind supporting it again? (I don't have a Mac, otherwise I'd try to fix this myself and send a PR--sorry for making a shameless feature request!)
Possible to add Tresorit, Twitter, Parler, and NordPass. Possible to add dark mode. Thank you.
Hi! Could you please add an icon for Kraken?
Their website is at https://www.kraken.com
When scanning their QR code with Tofu, the account issuer shows up as kraken.com
Their logo / icon could be exctracted out this vector graphics from Wikipedia: https://en.wikipedia.org/wiki/Kraken_(company)#/media/File:K-logo-wikipedia.svg (CC BY-SA 4.0)
I tried to create a 1024x1024 PNG version myself, although I don't know what amount of side margin is prefered:
So I was testing a few 2FA apps and just to mess around I created a QR code with this website:
https://freeotp.github.io/qrcode.html
!! Don't try to scan this code !!, it will most likely make tofu unusable !
After scanning this with Tofu, the app instantly crashes. And even after deleting and reinstalling the app: I cannot open Tofu! It simply crashes.
I also tried deleting the app, restarting the device and reinstalling the app. No difference.
Tested Tofu Version 1.8 with an iPhone 8 on 13.4.1
Also tried this with an iPhone 6s on 13.4.1
I think it would be nice to avoid bundling icons in Tofu but instead fetch the icons from the websites.
Most websites have a <link rel="icon" href="favicon.ico">
element, or even better icons for smartphones such as <link rel="apple-touch-icon-precomposed" sizes="114x114" href="...">
.
What do you think of having a map of issuer to domain, and then automatically fetching the appropriate icon?
This would also make it easy to allow users to have icons for unsupported providers by adding an "icon domain" field to the edit page.
I could try to implement this if you think it's viable and interesting π
If I do implement this, would you be willing to accept a PR that uses an API to extract the icons such as realfavicongenerator.net?
Can you enable a way to pull Authy 2fa accounts into Tofu?
Hi! Like the other issue reporter, also wanted to say I love the app!
Not sure if, longer-term, you'd prefer one mega-issue for tracking icon requests, or split (side idea: maybe make it possible for users to add their own icons? More code work, but could spare you from crazy esoteric requests and would rock for things like AWS, where I have 8 different TOTP rows)
My requests, just based on the stuff I've got in the app now:
I wanted to ask for the ability to allow importing 2FA codes from Google Authenticator over to Tofu. Google has a feature to export the 2FA codes via a scannable QR code, but when you attempt to read this code with Tofu, it won't recognize it and say that it's invalid.
I'm not sure if that means that the QR code only works for Google Authenticator so it's only over different phones, but maybe you can look into it if possible?
I donβt know if this is possible but transferring keys to another device via barcode would be nice as we can safely store both keys on 2 devices just in case one device dies. Yes I know they backup to iCloud but still
Thank you for your work on Tofu. It is an incredible app, and it is great to have such a high-quality 2FA app available on iOS.
With so many apps supporting 2FA now, it can become a bit time-consuming to scroll through the different accounts to find the correct one, and I was wondering if it would be possible to add an option for sorting them alphabetically at some point?
Thank you once again for your great work. It is highly appreciated!
First of all, I love the app! It is simple, fast and best of all open-source.
I do however have a request for some icons:
Can you add these?
Thanks in advance, and keep up the good work :)
After upgrading to Tofu 1.7 it crashes directly after starting it on iPhone 6S running iOS 12.4.1.
Hi! Could you please add an icon for Example?
Their website is at https://example.com.
When scanning their QR code with Tofu, the account issuer shows up as Example.
Scanning a barcode from a screenshot would be nice as you canβt point your camera at your own phone and yes i know thatβs why they have manual keys but I have ran into some sites that donβt show the manual key
Hey Calle, I love Tofu and I tell people about it as much as I can (...just like people who eat tofu, lol). I recently purchased an ο£ΏΒ Watch and I was wondering if support for it was in the pipeline.
Hello,
Thank you for building this App! One thing I miss is the ability to read the QR codes from images already stored in the Phone, or, the ability for other Apps to send images to Tofu.
Thank you.
What if we switch from an Apple device over to Android, there is no way for us export our codes.
I'm not sure if this is a problem in user instructions or the code but I was concerned when I recently set up a new iPad using an encrypted back up of an iOS 13 iPhone to move settings, apps and passwords to the new device.
Tofu was installed on the iPad but with none of my many 2FA accounts. This raises some concerns for me. Not only is it time consuming to set up all my Tofu accounts manually on the iPad but, more importantly, I'm in trouble if my iPhone dies and I can't restore these accounts to my next phone.
The FAQ isn't clear on how to ensure accounts are backed up. What settings are required for backup? Any way to confirm this works (besides wiping and restoring my iPhone)?
Could you please add the option to lock to lock the app with face id or a password?
May I suggest some features?
A small quality of life upgrade would be that to merely double tap a token in the app should directly copy the code to the clipboard, rather than having to tap and then press Copy. I think most other Auth apps Iβve tried has this design (though trivial change).
An incredibly convenient option would be for the Tofu app to automatically send the current code for the relevant token to the clipboard, similar to how when signing in to a website with a text message verification code it appears automatically in the clipboard (without having to leave the Safari app). Would this be feasible?
I would like to suggest a few more logos to be added to the app.
I'm not sure how I can submit them myself, but I found logos for the following sites. On the sites there is SVG, PDF, JPG and PNG available.
NiceHash - https://www.nicehash.com/media
Basecamp - https://basecamp.com/about/press
Time4VPS - https://www.time4vps.com/wp-content/uploads/2017/03/logo.svg
Some websites show the TOTP secret separated with spaces, such as Gitlab.
I tried to manually add one of these secrets to Tofu and the "Done" button kept being disabled. After removing the spaces, the "Done" button could be pressed and it worked correctly.
Tofu should either strip the spaces or allow it to be added as-is to avoid confusion.
Example format of space separated secret:
xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx
Website: https://app.simplelogin.io/
Issuer shows up as: SimpleLogin.
All potential images I managed to find;
(192x192 & Transparent)
Hi! Could you please add an icon for Example?
Their website is at https://www.globalrockstar.com/#/projects
I use 2FA on my cpanel account and today, I was unable to login using the generated token. I accessed my account a different way, removed 2FA from it and tried to set it up again. I scan the QR code and it adds it to my accounts, but when I enter the 6 digit verification code, it keeps telling me the security code is invalid.
Please add an icon for TETR.IO, they just recently added two-factor authentication.
Their website is https://tetr.io/.
Maybe I'm missing something, but aren't I completely hosed if I lose my phone? I feel like there should be some sort of secure recovery process. If there already is one, I'd love to hear about it but I couldn't find it in the documentation (aka the FAQ and readme.md, couldn't find more documentation).
At the moment, custom issuer icons are stored in IssuerIcons.sketch
. This is a bit of a problem, as different pull requests that modify the file will overwrite it each other (git
doesn't track changes in binary files like .sketch
). This may have already happened, though I'm not sure, as several of the icons in Assets.xcassets
are missing from IssuerIcons.sketch
.
I would propose a new structure, that replaces the IssuerIcons.sketch
file with a directory of icons in .sketch
format. These files would be editable in Sketch, like before, but would be safe from accidentally deletion or modification. Additionally, these files could be stored with git-lfs
to prevent the repo from accruing bloat.
The current directory structure is something along the lines of:
Tofu/
ββ IssuerIcons.sketch
ββ ...
Under the proposed changes, it would be structured as such:
Tofu/
ββ IssuerIcons/
β ββ Google.sketch
β ββ Github.sketch
β ββ Proton.sketch
β ββ ...
I would be more than happy to contribute this myself, but figured I'd check in, provide some reasoning, and allow for some feedback before jumping straight in.
Hey there, could you please add an icon for Sony (For Playstation and such)?
Their accounts can use 2FA but there's no icon for them.
Here's the icon:
Their website is at https://sony.com.
should upgrade, not suit for new swift
Hi! Is there a way to export entries from Tofu? I'd rather have my 2FA codes backed up somewhere else besides iCloud. I think it might also be important for people who do not use iCloud backups at all.
Hi, I was browsing for OTP apps in the App Store and had a difficult time choosing which one to use. I like Tofu mainly because itβs open-sourced. Iβm trying out it for now and I do like to see a future update with Touch ID support to lock the app and a share sheet extension for autofill would be cool. Also, maybe a backup feature can be useful too?
Iβm on: macOS Catalina (10.15.2), intending to back up Tofu (latest AppStore release) on an iPad (13.3).
Just need to know before I do some mandatory iPad maintenance and restore my device with a clean install, can I expect to lose all my Tofu data when restoring it from an encrypted icloud/hdd backup or not?
Thereβs not exactly a whiteboard here where it lists the recommended βdoβs and donβtsβ, to summarily recommend novice users on what to be mindful of in the latest build. Just a side note: might be good to have an issue like this pinned to the top, maybe? There are just various reports of people losing their Tofu data when restoring iCloud/hdd encrypted backup. Not very reassuring.
So should I refrain from it and use another app, or not?
Donβt mind helping out and testing too. But first I need to secure my accounts.
Please add Privacy.com, Anonaddy, Surfshark and Intuit (TurboTax), and Tresorit.
I migrated to a new phone from an iCloud backup and Tofu is empty on the new phone. According to #14 Tofu should be able to migrate over to new devices if backups are encrypted. I'm assuming that is the case for iCloud backups, but perhaps they're special?
I'm at a loss as to how to debug this further.
Hi, iOS 14 was released yesterday. Before upgrading, I'm wondering if the Tofu application is working with it. Thanks π
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.