Главная Обзор Помощь
Вход
torambo.com
/
Momentum-Apps
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 3323d22c53
Ветки Метки
Momentum-Apps
/
FAQ

FAQ 2.4 KB
История Исходник

123456789101112131415161718192021222324252627282930313233 
  1. # Frequently asked questions
    2. 

  2. 

  3. ## Is it secure?
    4. 

  4. 

  5. Flipper Authenticator stores token secrets in config file in encrypted form. Encryption is done using standard Flipper Zero API, which states that it is using AES encryption with built-in into flipper secret key and initialization vector (IV) generated by the app at initial setup XOR-ed by user's PIN (or Flipper UID, if PIN not setup by user).
    6. 

  6. 

  7. So in theory to get plain token secret it is necessary to have original Flipper Zero device where config file was generated and know user's PIN (if user setup PIN).
    8. 

  8. 

  9. If user provides plain token secret manually straight to a config file, once app will be launched it will detect plain token, will encrypt it and will replace plain token secret with encrypted copy.
    10. 

  10. 

  11. Let me know if you have an ideas of how we can make Flipper Authenticator even more secure.
    12. 

  12. 

  13. ## How to get it?
    14. 

  14. 

  15. If you don't want to build the app yourself then just pull FAP file from [latest release](https://github.com/akopachov/flipper-zero_authenticator/releases) and put it to your Flipper Zero device by copying it to `/ext/apps/Misc`. After that you should be able to run it on your Flipper.
    16. 

  16. 

  17. ## How to build it?
    18. 

  18. 

  19. Pull the repo with recursive submodule initialization and then run `./build.ps1` command to build the app. Once done FAP files will be available in the `build` directory.
    20. 

  20. 

  21. ## Where is config file?
    22. 

  22. 

  23. At first start app will create new config file (default location is [`/ext/apps/Misc/totp.conf`](https://github.com/akopachov/flipper-zero_authenticator/blob/master/totp/services/config/config.c#:~:text=%23define%20CONFIG_FILE_DIRECTORY_PATH,totp.conf%22)).
    24. 

  24. 

  25. Detailed description of file format can be found [here](.github/conf-file_description.md)
    26. 

  26. 

  27. ## How to change\recover PIN?
    28. 

  28. 

  29. There is no way to change or recover PIN once it is set without loosing all the token secrets. If you would like to completely reset app settings including PIN and all the tokens - just delete `/ext/apps/Misc/totp.conf` file. Flipper Authenticator will create new empty file and you will be able to setup everything from scratch.
    30. 

  30. 

  31. ## How to backup?
    32. 

  32. 

  33. All token secrets are stored in encrypted form and are tied to an original Flipper device and PIN. Given that, there is no sense to try to backup `/ext/apps/Misc/totp.conf` file as it will not help you in situation when you loose your Flipper device. Instead use your favorite password manager to store plain token secrets and\or any other information which will help you recover your accounts.
    34.