Open Authenticator (Beta Build)

Name: Open Authenticator (Beta Build)
SKU: 23828
Price: 59.99 USD
Availability: InStock

The Open Authenticator is an open source TOTP based hardware authenticator using ESP32.

Designed by Vedant Paranjape in India

2021-06-08T19:00:18.842Z-20210606_142919_HDR.jpg

2021-06-08T18:52:47.311Z-20210606_143442_HDR.jpg

2021-06-08T18:58:18.548Z-20210606_143312_HDR.jpg

Buy with confidence.

Our Tindie Guarantee protects your purchase from fraud. Learn More

The Open Authenticator is an open source TOTP based hardware authenticator using ESP32.

What is it? The Open Authenticator is an open source TOTP based hardware authenticator using ESP32. In layman's terms, this does what Google Authenticator or Authy does. This uses a custom-built pcb …

What is it?

The Open Authenticator is an open source TOTP based hardware authenticator using ESP32. In layman's terms, this does what Google Authenticator or Authy does. This uses a custom-built pcb and a 3d case, also it uses a firmware built for this purpose using esp-idf, uses lvgl as the GUI library.

The features of open authenticator's printer circuit board are:

Small form factor of 82 mm x 42 mm
Uses ESP32-WROOM-32D module
Uses 128x64 0.96" inch OLED panel
Uses DS3231 RTC with battery backup (CR2032) for timekeeping
Powered by 3.7V 300 mAh LiPo battery
Uses MCP73831 for charging LiPo battery
Uses TPS63001 Buck Boost Converter IC for efficient 3.3V power supply, with input range from 1.8V - 5.5V
Uses TPS22919 Load switch to control power to OLED and RTC chip
Autoselect power source, i.e., battery or USB
USB Type-C for charging only (no data pins connected)

Why did you make it?

I was always amazed at these small devices. My dad uses these to log into his work laptop, I couldn't understand how can it generate a code without being connected to any network.

I fired up google and tried to search about it, and surprisingly it used a pretty amazing concept. It had a shared key with the server, and then it did some computation on the shared key and current UTC time to get a 6-digit number. So, the remote device just had to be accurate at timekeeping. It uses a algorithm called TOTP (Time based one time password), it's been standardized and there's no point in getting into the details, here's the standard if anyone wants to take a look. You can read this article on freecodecamp.org for more layman-ish approach to the whole algorithm.

What makes it special?

It is open source licensed under MIT, also the firmware is made using open source esp-idf, and the code itself being MIT licensed. Generally storing the keys in mobile phone and accessing through an application like Authy or Google Authenticator. Here comes the Open Authenticator, it is a dedicated hardware device to store keys and display them. You can carry it around or keep it in a locker safe from being stolen. You are separating your 2FA key from your mobile device thus, increasing the security.

This is a beta build, and flash encryption isn't enabled in firmware. Don't use this for serious stuff like generating keys for your nuclear missiles :P

What is included

Due to shipping restrictions, products shipped outside India won't have the LiPo Battery and CR2032 included. Please buy one locally and email me at vedant@ve0x10.in for a refund. The refund is included in the product cost. Sorry for the inconvenience.