home
nix
Nix
Nixpkgs
1. derivations
NixOS
Flakes
Packages
pkgs
applications
1. audio
2. 1. cmus
3. display-managers
4. 1. sddm
5. editors
6. 1. neovim
7. emulators
8. 1. wine
9. file-managers
10. 1. ranger
11. misc
12. 1. mupdf
  2. redshift
  3. sioyek
  4. zathura
13. networking
14. 1. mailreaders
  2. 1. neomutt
15. terminal-emulators
16. 1. alacritty
17. version-management
18. 1. git
  2. git-credential-manager
19. window-managers
20. 1. i3
  2. picom
data
1. fonts
2. 1. ipafont
development
1. libraries
2. 1. fontconfig
  2. pipewire
misc
1. screensavers
2. 1. xss-lock
os-specific
1. linux
2. 1. alsa-project
  2. bluez
  3. iwd
  4. plymouth
  5. tuxedo-keyboard
servers
1. x11
2. 1. xorg
3. pulseaudio
shells
1. fish
tools
1. audio
2. 1. playerctl
3. inputmethods
4. 1. ibus
  2. ibus-engines
  3. 1. ibus-mozc
5. misc
6. 1. android-tools
  2. clipster
  3. grub
  4. plocate
  5. qmk
  6. tmux
  7. yubikey-manager
7. networking
8. 1. dhcp
  2. dhcpcd
  3. globalprotect-openconnect
  4. ifplugd
  5. mullvad
  6. openconnect
  7. openresolv
  8. unbound
9. package-management
10. 1. conda
  2. micromamba
  3. nix
  4. pacman
11. security
12. 1. browerpass
  2. gnupg
  3. pass
  4. 1. extensions
    2. 1. pass-otp
13. typesetting
14. 1. tex
  2. 1. texlive
  3. tectonic
misc
pace
far
arch
Arch Linux
install
post-install
1. audio
2. clipboard
3. gpu
4. internet
5. input
6. screen capture
7. security

pass-otp

install pass-otp

pacman -S pass-otp

automatically updates and checks gpg signature
probably more secure than copying to .extensions folder and signing

TOTP 2fa (pass-otp)

With the pass-otp extension, pass can generate time-based one-time passwords (TOTP). These are commonly used in two-factor authentication (the 6 digit codes that change every set period of time, usually every 30 seconds). Usually these are loaded into an app like Google Authenticator by scanning a QR code. However, one can usually show the secret directly, which can be stored in pass. Note that storing two-factor secrets in pass along with your passwords kind of defeats the point of two-factor authentication; stronger two-factor authentication can be achieved with hardware tokens like yubikeys.

pass-otp can be installed with

pacman -S pass-otp

A TOTP URI is then added to the password file in the following format:

otpauth://totp/SERVICE:USERNAME?secret=AAAAAAAAAAAAAAAA&issuer=SERVICE