To manage TOTP, most people might be using Google Authenticator. The issue with Google Authenticator is that if the phone is broken or lost, all your OTP’s are lost. There are centralized solutions like Authy where your TOTP secrets are stored in their servers encrypted with your password and backups are encrypted before upload.

If you don’t want to use centralized solutions, there are other ways to manage TOTP. I have discussed a few options here on how to store Time-based One-time Passwords (TOTP) passwords offline.

If you prefer to keep your TOTP separate and have an Andriod device, you can use andOTP to store TOTP secrets. The advantage of using this app is

  • You can keep all your TOTP secrets behind a strong password.
  • You can backup all your TOTP secrets using AES asymmetric Encryption or OpenPGP.
  • You can store the backup in any place you want. Create multiple backups.
  • You can use apps like andOTP-decrypt, mac2fa and OpenPGP to decrypt and generate OTP in desktop.
    # To decrypt
    andotp_decrypt otp_backup-01-03_12-47-53.json.aes
    
    # To generate otp
    andotp_gencode otp_backup-01-03_12-47-53.json.aes gmail.com
    

– RC