If your desktop of choice is Linux, you don’t have to be without a 2FA tool, thanks to OTPClient.


Image: Jack Wallen

Two-factor authentication (2FA) isn’t perfect, but it’s far better than relying on the standard username/password security convention. For those that use 2FA, mobile options like Authy and the Google Authenticator are the most-used choices. But what about those looking for an open source GUI 2FA tool for the Linux desktop? If that’s you, there’s OTPClient.

OTPClient is a highly secure and easy to use GTK+ 2FA tool that supports both time-based one-time Passwords (TOTP) and HMAC-based one-time passwords (HOTP). Other features include:

  • Custom digits (between 4 and 10 inclusive)

  • Custom period for codes to be valid (between 10 and 120 seconds inclusive)

  • Supports SHA1, SHA256 and SHA512 algorithms

  • Supports steam codes

  • Import encrypted Authenticator Plus backup

  • Import and export encrypted and/or plain andOTP backup

  • Encrypted local database is encrypted using AES256-GCM

I want to walk you through the installation and use of OTPClient. I’ll be demonstrating on Ubuntu Desktop 19.10, but the installation process will work with any Debian-based distribution.

SEE: Windows 10 security: A guide for business leaders (TechRepublic Premium)

How to install the OTPClient

In order to install OTPClient, we must first add the necessary repository. Open a terminal window and issue the command:

sudo add-apt-repository ppa:dawidd0811/otpclient

When prompted, hit Enter on your keyboard to add the repository. Once that command completes, update apt with the command:

sudo apt-get update

Finally, install OTPClient with the command:

sudo apt-get install otpclient -y

When the installation completes, you should see an OTPClient entry in your desktop menu (Figure A). 

Figure A

The OTPClient Entry in the GNOME Dash.

” data-credit rel=”noopener noreferrer nofollow”>otpclienta.jpg


The OTPClient Entry in the GNOME Dash.

Click the OTPClient entry to open the app.

How to use the OTPClient

When you first launch OTPClient, you’ll be prompted to either restore or create a database (Figure B).

Figure B

Database location selection.

” data-credit rel=”noopener noreferrer nofollow”>otpclientb.jpg


Database location selection.

Click Create New Database and, when prompted, give the new database a name and a location (Figure C).

Figure C

Naming and locating the database.

” data-credit rel=”noopener noreferrer nofollow”>otpclientc.jpg


Naming and locating the database.

Next, type and verify a password to protect the database and click OK (Figure D).

Figure D

Protecting the database.

” data-credit rel=”noopener noreferrer nofollow”>otpclientd.jpg


Protecting the database.

Once OTPClient opens, you need to create some tokens. Click the + button in the upper left corner of the main window (Figure E).

Figure E

The OTPClient main window.

” data-credit rel=”noopener noreferrer nofollow”>otpcliente.jpg


The OTPClient main window.

You have a few options for adding 2FA tokens:

If your system doesn’t have a webcam, take a screenshot of the QR code to be scanned and save it as a .png file. Click the + button on the OTPClient main page and select Using A QR Code | From File. Locate the .png file and click Open (Figure F).

Figure F

Importing a QR Code via a .png file.

” data-credit rel=”noopener noreferrer nofollow”>otpclientf.jpg


Importing a QR Code via a .png file.

The new token will show up in the OTPClient main window, ready to use (Figure G).

Figure G

Our new token has been added.

” data-credit rel=”noopener noreferrer nofollow”>otpclientg.jpg


Our new token has been added.

And that’s all there is to installing and using the open source OTPClient 2FA tool on Linux. 

Also see