My mail service offers HOTP, TOTP, Yubikey and some other 2FA methods, all Google Authenticator compliant. No U2F unfortunately. However, when I select TOTP it comes up with a bar code, that I can scan in my Authenticator app and that works, and it comes up with an otpauth://totp/… link with a secret in it. It also outputs the generated seed. It does not offer a “can’t scan the barcode?” option. I have entered both the secret (which is a 32 characters random string with numbers and capitals) and the seed (which is a 40 characters hexadecimal string) in the Google Authenticator OTP (TOTP) field in the slot, but 2FA does not work. When I output the login to a text editor, I get an OTP but it does not match the one generated in the Authenticator app. How can I resolve from this problem and provide OnlyKey with the correct base to generate the OTP?
I believe TOTP uses base 32 for the secret key. Normally there is an option to copy/paste the key instead of the QR code and that string you copy/paste is base 32. You could convert hex to base 32. You could also test your method here to make sure it works - https://totp.danhersam.com/
I use andOTP for this. (FreeOTP+ is similar) Both available on F-droid.org. PlayStore sucks™
Edit in the Accounts and put the
Secret in the OnlyKey.