Google Authenticator secret extractor
Note: This project and I are in no way affiliated with Google.
This lets you decode the URI generated by Google Authenticator.
Guide
Prerequisites:
- Your phone with Google Authenticator
- A camera
- Nodejs installed
- A QR scanner
Getting the secret keys:
- Open the Google Authenticator app.
- Click Settings (three dots, top right), and Transfer accounts.
- Select Export accounts.
- Authenticate, if prompted.
- Select the accounts you want to export (default is all).
- Click Next, and capture a picture of the QR code.
- Note: Screenshots are disabled by the app. Use your laptop webcam, a digital camera or another phone.
- Click Next, and repeat step 6 for all QR codes shown (if you have many accounts).
- Decode the QR codes to obtain the
otpauth-migration://offline?data=...
URI. - Clone/Download this repository.
- Run
npm install
. - For generating json run
npm run start
, for generating qr-codes runnpm run start:qrcode
. - Enter the URI when prompted
- If you chose json and you want to save the output, enter
y
andaccounts.json
Use a docker image
Prerequisites:
Build the docker image locally:
docker build . --tag google-authenticator-exporter:0.0.1
Decode an obtained QR code URI:
- Run the docker container locally:
docker run -it --rm google-authenticator-exporter:0.0.1
- Enter the URI when prompted
- Since you haven't mounted a volume, you cannot save the output using the above command, so leave the next questions empty (hit Enter).
- The output to json will be printed out to terminal.
References
I found the protobuff code in https://github.com/beemdevelopment/Aegis/pull/406/files. The opensource Google Authenticator does not seem to have this yet (5th May 2020): google/google-authenticator-android#118.
A QR scanner app for Android that works is https://play.google.com/store/apps/details?id=com.google.zxing.client.android.
The Base32 format is specified in https://tools.ietf.org/html/rfc3548. There are multiple ways to implement Base32.
License: MIT, BUT this uses GNU GPL 3 code as a dependency (https://github.com/alexbakker/Aegis/blob/56bde0e19b51568a7050f6cb56085a1bb38c5a9e/app/src/main/proto/google_auth.proto) (https://github.com/alexbakker/Aegis/blob/56bde0e19b51568a7050f6cb56085a1bb38c5a9e/LICENSE)