← Back to context

Comment by mxmlnkn

3 days ago

Even if you only have the QR code, you can download the image or screenshot it and then extract the secret without ever having to use a smartphone by using zbarimg and then manually extracting the secret from the URI:

    sudo apt-get install zbar-tools oathtool
    zbarimg qr-2fa-code.png

Output:

    QR-Code:otpauth://totp/username?secret=ABCDEFSECRET012349BASE32&period=30&digits=6

If you have some 2FA that you need to enter 10 times per day, then you can also add a global shortcut to automatically paste it. Of course, this undermines the "second device" security. Some PC password managers also support 2FA, e.g. https://github.com/paolostivanin/OTPClient ( sudo apt install otpclient )

1 comment

mxmlnkn

Reply
Gormo  3 days ago

I have this little one-liner mapped to a hotkey combo:

`bash -c 'xfce4-screenshooter -r -o zbarimg | gxmessage -title "Decoded Data" -fn "Consolas 12" -wrap -geometry 640x480 -file -'`

Works great if you have xfce4-screenshooter, gxmessage, and zbarimg installed. It allows you to draw a box around a screen region, screenshots it, decodes it via zbarimg, and pipes the output into a dialog box with copyable text.