OTP-Manager

A secure solution for managing one-time passwords locally. No internet communication required. The program features a clean dark design and does not communicate with any external servers.

A fully polished, standalone version of OTP-Manager is in development as an embedded web app for macOS and Windowsβ€”bringing an even smoother installation and enhanced default features to the server edition.

About OTP-Manager

The OTP-Manager is a Flask-based application designed for secure, local management of one-time passwords (OTPs). It's ideal for users who prioritize privacy and security.

  • Self-hosted service with no external dependencies.
  • Completely offline operationβ€”no internet connection needed.
  • Store up to 700 TOTP secrets securely.
  • Features a clean, user-friendly interface.
OTP-Manager Preview

Feature Highlights

Feature 1
Feature 2
Feature 2
Feature 3
Feature 3
< >

How to Install OTP-Manager

Prerequisites

  • Python 3.6 or higher
  • PIP (22.3.4)

Recommended Setup

  • It is highly recommended to use Debian or Ubuntu (minimalized) as the server OS for installing OTP-Manager.
  • A Docker container is currently in development.
  • The Windows installer is on hold due to poor performance on Windows and no real demand. Please open an Issue on GitHub if youre Interrested in it.

Steps

  1. Clone the repository: git clone https://github.com/Migrim/OTP-Manager.git
  2. Navigate to the project directory: cd OTP-Manager
  3. Install the required dependencies: pip install -r requirements.txt
  4. Run the application: python app.py

How to Configure OTP-Manager

  1. Open the configuration file config.ini located in the project directory.
  2. Update the following settings:
[server]
port = 5002
secret_key = your-secret-key

[database]
path = instance/otp.db
  1. Save the changes and restart the application.

How to Use OTP-Manager

  1. Open your web browser and navigate to http://localhost:5002 (or the port you set in the config).
  2. Log in with the pre-configured admin credentials:
    • Username: admin
    • Password: 1234
  3. Change the admin password and create a new user for yourself. Note that new users can only be created by the admin user.
  4. To add a company:
    • Open Management > Company Settings.
    • Enter the following details:
      • Name: The name of the company or folder (you can use companies as folders as well).
      • Kundennummer: Your company identification number (set a random ID if you don't have specifics).
      • Web-Password: If this option is displayed, type in whatever you want. This will be removed later as the Web API is deprecated, and OTP-Manager is completely offline.
    • Click Save.
  5. To add a new OTP entry:
    • Click on Add.
    • Enter the service name (must be at least 4 letters), the secret key, and optionally an email.
    • Choose a company. If no company exists, you need to create one first under Management > Company Settings.
    • Click Save.
  6. To view the OTP for a service, navigate to the service entry, and the OTP will be displayed.

About Page

The About page provides a quick overview of system statistics and recent activity. It includes:

General Stats:

  • Stored OTPs – Total number of OTP entries stored in the system.
  • Logins Today – Number of logins that occurred on the current day.
  • Times Refreshed (Requested OTP Updates) – How often OTPs have been refreshed.
  • Server Uptime – The duration since the server was last restarted.
  • Last User Login – Timestamp of the last successful login.
  • Current Server Time – Displays the server’s current time.
  • Current RAM Usage – The amount of RAM currently in use.
  • Current CPU Usage – Displays the current CPU load.
  • Current Disk Usage – Shows how much disk space is occupied.

Recent Stats:

  • A graph visualizing the frequency of OTP refresh requests over time.

OTP List

Search Bar

  • Search for secrets in the database by typing in the Name, Company, or E-Mail.
  • Press Enter after entering a search term to display results in a detailed list view.
  • The search input can be toggled with:
    • ALT + Q on Windows
    • Option + Q on macOS

Company Dropdown

  • Located next to the search bar.
  • Selecting a company opens all secrets stored under that company in the detailed list view.

OTP Cards

  • Each OTP entry is displayed as a card with the following actions:
    • Delete – Only administrators can delete stored secrets.
    • Copy – Copies the OTP to the clipboard.
    • Edit – Only administrators can modify stored secrets.
  • Secrets can be revealed by hovering over the dot icon.

User Settings

General Settings

  • Display Page Titles – Toggles the heading on all pages (Work in Progress).

OTP-Container Settings

  • Show a Simple Text Timer instead of a Progress Bar – A more efficient text-based timer, recommended for instances hosted on a server.
  • Show the Type of OTP in the OTP List – Toggles the "Type" column.
  • Show Emails in the OTP List – Toggles email visibility.

Theme Settings

  • Users can choose a color that affects the OTP-Container and the text hover color of the navigation bar.

Requirements

OTP-Manager requires several dependencies to function properly. Below is a list of required packages and their purpose:

  • Flask – The core framework for handling web requests and rendering templates.
  • Flask-Bootstrap – Provides Bootstrap integration for styling the web interface.
  • Flask-WTF & WTForms – Used for handling web forms securely and validating user input.
  • Flask-Session – Manages user sessions and stores session data.
  • Flask-Login – Handles user authentication and session management.
  • Flask-Bcrypt & bcrypt – Ensures password hashing and authentication security.
  • Flask-Cors – Enables Cross-Origin Resource Sharing (CORS) if needed.
  • pyotp – Generates and verifies OTP (One-Time Passwords).
  • requests – Used for making HTTP requests to external services.
  • psutil – Monitors system resources like CPU, RAM, and disk usage.
  • configparser – Parses and manages configuration files.
  • schedule – Handles scheduled tasks like OTP updates or cleanup.
  • ntplib – Syncs time via the Network Time Protocol.
  • werkzeug – Provides security utilities like password hashing.

All dependencies can be installed using: pip install -r requirements.txt

Need Help?

If you encounter any issues or have questions, feel free to:

Contribute on GitHub
πŸͺ Cookie Notice

We use cookies to ensure that we give you the best experience on our website.

What we use Cookies for?