Browser extension for generating HOTP passcodes for Duo Security Multi-Factor Authentication

Related tags

Learning resource duo-extension
Overview

duo-extension

Browser extension for generating HOTP passcodes for Duo Security multi-factor authentication.

Compatible with Firefox and Chromium-based browsers (Chrome, Edge, etc.)

Credits

  • Yusuf Bham for original Python Duo HOTP secret fetch and passcode generation script. You can find this script here.

Setup

  1. Once you've installed the extension, sign in to your service and navigate to your Duo multi-factor authentication portal/page.

enter image description here

  1. Select "Add a new device".

enter image description here

  1. Authenticate as your normally would, if prompted.
  2. Select "Tablet" from the list of devices.

enter image description here

  1. Select "Android" from the list.

enter image description here

  1. Press "I have Duo Mobile installed" if prompted.

enter image description here

  1. You will reach a screen with a QR code on it. At this point, open the extension from your browser's toolbar and press "Scan Page for Duo QR".

enter image description here

enter image description here

  1. If you followed the steps correctly, the extension will notify you that scanning is complete. If it does not, please report an issue on the GitHub repository. At this point, setup is complete!

enter image description here

Usage

  1. Using the extension after setup is very simple. Sign in to your intended service and navigate to your multi-factor authentication portal when you wish to log in.

enter image description here

  1. Click the extension's icon in your browser's toolbar. It should automatically log you in from there!

enter image description here

Alternative

  1. If the extension fails to automatically log you in by now, you can try pasting in your HOTP code manually. Click on the extension icon and copy the code displayed. Clicking it will automatically copy to clipboard.

enter image description here

  1. Paste the code into the Passcode authentication option and press "Log In".

enter image description here

  1. If this does not work, you can try generating a new code ("Generate new code" option in extension), reinstalling the extension and setting it up as a new device, or submitting an issue to the GitHub repository.
You might also like...

A refined tool for exploring open-source projects on GitHub with a file tree, rich Markdown and image previews, multi-pane multi-tab layouts and first-class support for Ink syntax highlighting.

A refined tool for exploring open-source projects on GitHub with a file tree, rich Markdown and image previews, multi-pane multi-tab layouts and first-class support for Ink syntax highlighting.

Ink codebase browser, "Kin" 🔍 The Ink codebase browser is a tool to explore open-source code on GitHub, especially my side projects written in the In

Oct 30, 2022

proxy 🦄 yxorp is your Web Proxy as a Service (SAAS) Multi-tenant, Multi-Threaded, with Cache & Article Spinner

proxy 🦄 yxorp is your Web Proxy as a Service (SAAS) Multi-tenant, Multi-Threaded, with Cache & Article Spinner

proxy 🦄 yxorp is your Web Proxy as a Service (SAAS) Multi-tenant, Multi-Threaded, with Cache & Article Spinner. Batteries are included, Content Spinning and Caching Engine, all housed within a stunning web GUI. A unique high-performance, plug-and-play, multi-threaded website mirror and article spinner

Dec 30, 2022

Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.

Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.

DahuaLoginBypass Chrome extension that uses vulnerability CVE-2021-33044 to log in to Dahua IP cameras and VTH/VTO (video intercom) devices without au

Nov 26, 2022

A lightweight extension to automatically detect and provide verbose warnings for embedded iframe elements in order to protect against Browser-In-The-Browser (BITB) attacks.

A lightweight extension to automatically detect and provide verbose warnings for embedded iframe elements in order to protect against Browser-In-The-Browser (BITB) attacks.

Enhanced iFrame Protection - Browser Extension Enhanced iFrame Protection (EIP) is a lightweight extension to automatically detect and provide verbose

Dec 24, 2022

Secure-electron-template - The best way to build Electron apps with security in mind.

Secure-electron-template - The best way to build Electron apps with security in mind.

secure-electron-template A current electron app template with the most popular frameworks, designed and built with security in mind. (If you are curio

Dec 29, 2022

Cloud security platform web with steampipe

Cloud security platform web with steampipe

cloud-security-platform-web-with-steampipe Home Tech Stacks Node.js + MongoDB + Steampipe Usage If you use ec2, no need credentils, config files. $ cd

May 13, 2022

spartacus是一个基于Spring Boot 2.3.x、Spring Cloud Hoxton.SR5、Spring Security 2.3.x、OAuth2.0、Python3等开源框架构建的分布式系统

spartacus是一个基于Spring Boot 2.3.x、Spring Cloud Hoxton.SR5、Spring Security 2.3.x、OAuth2.0、Python3等开源框架构建的分布式系统

spartacus是一个基于Spring Boot 2.3.x、Spring Cloud Hoxton.SR5、Spring Security 2.3.x、OAuth2.0、Python3等开源框架构建的分布式系统,亦是一个功能完备的微服务脚手架。

Dec 24, 2022

Been interested, studying, and developing blockchain security with a Zero Knowledge Proof (ZKP) and create a prototype on the current issue with Philippine's upcoming election. 📥

Been interested, studying, and developing blockchain security with a Zero Knowledge Proof (ZKP) and create a prototype on the current issue with Philippine's upcoming election. 📥

Implementation of Zero Knowledge Proofs in Cryptographic Voting 😎 Reference: Cryptographic Voting – A Gentle Introduction Overview 👨🏻‍💻 The main i

Apr 11, 2022

Project Security Term 3.2 @ PIM

Security This project was generated with Angular CLI version 12.2.10. Development server Run ng serve for a dev server. Navigate to http://localhost:4

Apr 11, 2022
Comments
  • Swap to ES Modules, Add browser polyfill

    Swap to ES Modules, Add browser polyfill

    • Moves jsOTP into a separate file instead of bundling minifed version in background.js

    • Adds suggested shortcut action in manifest.json

    • Uses ES modules for popup.js and background.js

    • Adds browser polyfill to background.js for easier use of async/await

    • Swaps var and let to let and const when appropriate

    • Adds a few uses of array destructuring

    opened by fifty-six 0
  • HTML dump of Duo auth page

    HTML dump of Duo auth page

    Hi, I'm also writing my own Duo extension: https://github.com/mizlan/AutofillDuo

    I was curious if you could provide an HTML dump of the auth prompt page, since my UI seems to be quite different than the querySelectors I see in your code.

    opened by mizlan 2
  • [Feature request] Add from activation code

    [Feature request] Add from activation code

    opened by ThatOneCalculator 1
Releases(v1.1)
Owner
Avik Rao
TJHSST 2021 | UMD 2025 | Fluent in Python 3, ES6 JavaScript, and Java | Interested in software engineering and web development
Avik Rao
GitHub
Open Source two factor authenticator. Built during #SupaLaunchWeek 5!

Archived This repository is archived, please go to https://github.com/otentikapp/clients for future development. Introduction Feeling bothered about h

Aris Ripandi 18 Dec 29, 2022
Find Your DUO Project: instructed by Rodrigo Gonçalves and Diego Fernandes CTO at Rocketseat

Find-your-DUO NextLevelWeek eSports ?? Find-your-DUO Project | Technologies | Layout | How To Use | How to contribute | License ?? Project The project

Eliezer Nascimento 2 Dec 14, 2022
A browser extension to test the most basic security issues.

Ninja-Hacker-Cat Sidebar für Firefox This firefox extension can check your website for the most basic security issues and data leaks. It's an easy way

Alex K. 25 Dec 26, 2022
A novel approach for security and user experience of Graphical Password Authentication.

Graphical Password Authentication Alohomora Harry Potter themed (not really) Graphical Password Authentication Flowchart and Architecture Solution Dem

Akshat Shah 10 Dec 15, 2022
Grupprojekt för kurserna 'Javascript med Ramverk' och 'Agil Utveckling'

JavaScript-med-Ramverk-Laboration-3 Grupprojektet för kurserna Javascript med Ramverk och Agil Utveckling. Utvecklingsguide För information om hur utv

Svante Jonsson IT-Högskolan 3 May 18, 2022
Hemsida för personer i Sverige som kan och vill erbjuda boende till människor på flykt

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

null 4 May 3, 2022
Kurs-repo för kursen Webbserver och Databaser

Webbserver och databaser This repository is meant for CME students to access exercises and codealongs that happen throughout the course. I hope you wi

null 14 Jan 3, 2023
We are creating a Library that would ensure developers do not reinvent the wheel anymore as far as Authentication is concerned. Developers can easily register and download authentication codes that suits their need at any point.

#AuthWiki Resource Product Documentation Figma Database Schema First Presentation Live Link API Documentation Individual Contributions User Activity U

Zuri Training 17 Dec 2, 2022
Javascript library for generating identicons. Running in the browser and on Node.js.

Jdenticon JavaScript library for generating highly recognizable identicons using HTML5 canvas or SVG. Live demo https://jdenticon.com Getting started

Daniel Mester Pirttijärvi 1.1k Jan 3, 2023
Easiest 1-click way to install and use Stable Diffusion on your own computer. Provides a browser UI for generating images from text prompts and images. Just enter your text prompt, and see the generated image.

Stable Diffusion UI Easiest way to install and use Stable Diffusion on your own computer. No dependencies or technical knowledge required. 1-click ins

null 3.5k Dec 30, 2022