diff options
Diffstat (limited to 'src/prj/totp/index.gsp.bak')
| -rw-r--r-- | src/prj/totp/index.gsp.bak | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/src/prj/totp/index.gsp.bak b/src/prj/totp/index.gsp.bak new file mode 100644 index 0000000..ea5637a --- /dev/null +++ b/src/prj/totp/index.gsp.bak @@ -0,0 +1,134 @@ +html lang="en" { + head { m4_include(head.gsp) } + body { + header { + div { + h1 {-Easy Password Generation} + m4_include(nav.gsp) + } + + figure .quote { + blockquote { + p {= + The C preprocessor is worse than m4, and I would kill myself before I + had to use m4. + } + } + figcaption {-Arav K.} + } + } + + main { + p { + em {- + You can find the @code{-totp} git repository over at + @a href="https://git.sr.ht/~mango/totp" target="_blank" {-sourcehut} + or + @a href="https://github.com/Mango0x45/totp" target="_blank" {-GitHub}. + } + } + + h2 {-Table of Contents} + ul { + li {a href="#prologue" {-Prologue}} + li {a href="#terms" {-Terminology}} + li {a href="#usage" {-Basic Usage}} + li {a href="#qr" {-Working with QR Codes}} + } + + h2 #prologue {-Prologue} + p {- + m4_abbr(TOTP) codes are pretty cool, and really easay to do. They’re + also the backbone of modern two-factor authentication. With + @code{-totp} I hope to handling m4_abbr(TOTP) codes as easy and + extensible as possible + } + + h2 #terms {-Terminology} + p {- + There are a few terms that I will be using throughout this post, so it’s + good to make sure that we’re all on the same page about what I’m + referring to. + } + + dl { + dt {-Secret} + dd { + p {- + Your @em{-secret} is a + @a + href="https://en.wikipedia.org/wiki/Base32" + target="_blank" + {-base32} + encoded secret key that you should under no circumstances share with + anyone else. It is from this secret key that we can generate valid + m4_abbr(TOTP) codes. + } + } + + dt {-Digits} + dd { + p {- + Your @em {-digits} is the length of the generated m4_abbr(TOTP) in + digits. If @em{-digits} is 8, then your generated key could be + ‘01234567’. When dealing with m4_abbr(2FA) this is typically 6. + } + } + + dt {-Period} + dd { + p {- + Your @em{-period} it the duration for which the generated key is + valid in seconds. When working with m4_abbr(2FA) this is typically + 30. + } + } + } + + h2 #usage {-Basic Usage} + + p {- + @code{-totp} takes secret keys as command-line arguments, but also reads + them from the standard input if none are provided. It assumes that + @em{-digits} is 6 and @em{-period} is 30. These defaults can be changed + with the @code{--d} and @code{--p} flags. + } + + figure { + pre { m4_fmt_code(basic-usage.sh.gsp) } + } + + aside { + p {- + I’m using @code{-mkpass} to generate a random secret. You can + see my post about @code{-mkpass} @a href="/prj/mkpass" {-here}. + } + } + + h2 #qr {-Working with m4_abbr(QR) Codes} + p {- + Often times when enabling m4_abbr(2FA) on your account on some website + or platform, you will be shown a m4_abbr(QR) code you can scan with your + m4_abbr(2FA) mobile application. These m4_abbr(QR) codes contain + @em{-otpauth} m4_abbr(URI)s. We can extract these from downloaded + images using utilities such as @code{-zbarimg} and use them in + @code{-totp} using the @code{--u} flag to enable ‘m4_abbr(URI) mode’ + } + + figure { + pre { m4_fmt_code(zbarimg.sh.gsp) } + } + + p {- + …and that’s all! There’s nothing else you need. You can use secret + keys and otpauth m4_abbr(URI)s, and you can configure the @em{-digits} + and @em{-period} of the generated codes. You can generate multiple keys + at once, and all outputs are printed to the standard output. + } + } + + hr{} + + footer { m4_footer } + } +} |