mirror of
https://github.com/Luzifer/webtotp.git
synced 2024-12-22 20:31:21 +00:00
Add hint for URL sending
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
6d60e8d1ba
commit
2e917496d1
1 changed files with 6 additions and 0 deletions
|
@ -4,6 +4,12 @@
|
||||||
|
|
||||||
My specific usecase for this is I do have accounts which OTP secrets are stored outside of my TOTP generator as usually I don't need to access those accounts and if I would add those secrets to my TOTP generator I would have a lot more entries in it. So I do store the secrets in a safe place and needed a convenient generator to generate single OTP tokens from them.
|
My specific usecase for this is I do have accounts which OTP secrets are stored outside of my TOTP generator as usually I don't need to access those accounts and if I would add those secrets to my TOTP generator I would have a lot more entries in it. So I do store the secrets in a safe place and needed a convenient generator to generate single OTP tokens from them.
|
||||||
|
|
||||||
|
You can even send the page with the OTP code to someone by appending the secret to the URL in the hash part:
|
||||||
|
```
|
||||||
|
https://webtotp.example.com/#mysecret
|
||||||
|
```
|
||||||
|
As long as you make sure it is in the hash-part (behind the `#`) the browser will not send the secret to the server but keep it locally in the browser. When sending the URL containing the secret make sure you are using a secured transport like [OTS](https://ots.fyi/) to ensure the chat / email provider is not able to fetch those secrets from the URL.
|
||||||
|
|
||||||
![](screenshot.png)
|
![](screenshot.png)
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
Loading…
Reference in a new issue