Overview

The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth).

These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

Implementations

This project currently offers mobile application implementations of HOTP/TOTP for Android, iOS, and Blackberry, as well as a PAM module.

Google Authenticator for Android

The Android mobile app supports:

• Multiple accounts
• Support for 30-second TOTP codes
• Support for counter-based HOTP codes
• Key provisioning via scanning a QR code
• Manual key entry of RFC 3548 base32 key strings

Google Authenticator for iOS

The iOS mobile app supports:

• Multiple accounts
• Support for 30-second TOTP codes
• Support for counter-based HOTP codes
• Key provisioning via scanning a QR code
• Manual key entry of RFC 3548 base32 key strings

Google Authenticator for Blackberry

The BlackBerry mobile app supports:

• Multiple accounts
• Support for 30-second TOTP codes
• Support for counter-based HOTP codes
• Manual key entry of RFC 3548 base32 key strings

PAM Module

The PAM module can add a two-factor authentication step to any PAM-enabled application. It supports:

• Per-user secret and status file stored in user's home directory
• Support for 30-second TOTP codes
• Support for emergency scratch codes
• Protection against replay attacks
• Key provisioning via display of QR code
• Manual key entry of RFC 3548 base32 key strings

Source Code

You can download the project's source code from the Git repository. See more details in CheckingOut.