tinymfa is a time based one time pad solution that is nowadays used for multifactor authentication. tinymfa is written in go and implements RFC 6238. It runs on all the prominent platforms and is fine with a raspberry pi!
Setting up tinymfa is easy. Here are our 6 steps towards your multifactor authentication.
On the very first start of tinymfa, it connects to a postgres database and creates the table structure. Then, it generates a 256bit master key that is used to encrypt the issuer keys.
For each service that you want to secure, you create an issuer (think of it as a domain).
Each issuer gets a unique 256bit key assigned. This key is encrypted with the master key.
Each issuer can have multiple users. For each user, a unique key is generated and encrypted with the issuer key.
Let your users scan a QRCode with their favourite Authenticator app. We generate that for you!
tinymfa is supported by all Authenticator Apps that implement RFC 6238
One http call gets you a boolean true if the token was validated or a boolean false if the token could not be validated.
It doesn't get much easier than that!
Your multifactor authentication is ready to go! Have fun!
Want to see how it works? Sure, take your mobile phone and follow these three steps to test tinymfa.
Download an Authenticator App.
There are several out there, but why don't you try the Google Authenticator?
demo@tinymfa.parzival.link
Enter the token that your Authenticator App generates into the form below and click submit.
Seen enough? Host it on your own network! Even a raspberry pi can handle it!