A TOTP implementation with the Twilio REST API! ##This project mainly references other modules which I have combined to produce this really basic script which performs two actions:
- If a user visits the page with DoNotTrack enabled, it will send a message to your mobile containing a two-factor authentication code based on your secret. The purpose for the DNT is for some really basic authentication which was only really useful for my use-case, so I reccomend changing it.
- If you upload this code to a web server and upload it as a TwiML app, it will respond to requests with a two-factor authentication code.
I made this mainly to solve a problem that I was afraid of: Forgetting my mobile phone and being locked out of my accounts. This project should eliminate that fear, as the codes can be retrieved from any device or mobile phone.
- A free Twilio account
- Somewhere to host the script
- A Google Authenticator secret
- Add all the files to the root of your server
- Create a config.js file based on the example given
- Add your server's domain as a TwiML app in your Twilio account
- Send a text message to you Twilio number with your configured password as the body
- Receive your Two-factor auth code
- Support for multiple auth accounts
- Better protection against random requests
- Better user feedback