go-otp implements one-time-password generators used in 2-factor auth systems #golang

The Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens. Currently this supports both HOTP (RFC-4226), TOTP (RFC-6238) and Base32 encoding (RFC-3548) for Google Authenticator compatibility


Why One Time Passwords?

One Time Passwords (OTPs) are an mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user’s phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, Github, Facebook, Salesforce and many others.

The otp library enables you to easily add TOTPs to your own application, increasing your user’s security against mass-password breaches and malware.

Because TOTP is standardized and widely deployed, there are many mobile clients and software implementations.

otp Supports:

Generating QR Code images for easy user enrollment.
Time-based One-time Password Algorithm (TOTP) (RFC 6238): Time based OTP, the most commonly used method.
HMAC-based One-time Password Algorithm (HOTP) (RFC 4226): Counter based OTP, which TOTP is based upon.
Generation and Validation of codes for either algorithm.