OTPClient: Free TOTP and HOTP token manager with built-in encryption

OTPClient: Free TOTP and HOTP token manager with built-in encryption

OTPClient: Free TOTP and HOTP token manager with built-in encryption

At the beginning of the year, we made a great publication related to the theme of Security of the information. More specifically on the subject of the use of 2FA technology, better known in Spanish, as "Double Authentication Factor" o "Two-factor authentication". And also on how to install proprietary applications called Google Authenticator and Twilio Auth, using the graphical application called GNOME software. While today, we will explore a free and open call "OTPClient".

which is nothing more than a GTK+ application for managing TOTP and HOTP tokens with built-in encryption, that is, to handle two-factor authentication, supporting both time-based one-time passwords (TOTP)As HMAC-based one-time passwords (HOTP).

2FA on Linux: How to install Google Authenticator and Twilio Authy?

2FA on Linux: How to install Google Authenticator and Twilio Authy?

And as usual, before getting into today's topic about the application "OTPClient", and more specifically on the version available "" available in flatpak format, we will leave for those interested the following links to some previous related posts. In such a way that they can easily explore them, if necessary, after finishing reading this publication:

"The “2FA” technology, better known in Spanish as “Double Factor Authentication” or “Two-Factor Authentication”, is an excellent protection method, since it implements one more layer of validation in our activities. And to use this technology, there are many apps such as Google Authenticator and Twilio Authy. Which, here we will see how to install them on GNU/Linux". 2FA on Linux: How to install Google Authenticator and Twilio Authy?

Related article:
Google will enable two-factor authentication by default for everyone

Related article:
Google is working on a new 2FA authorization feature that will be based on QR

OTPClient: GTK+ Software for Two-Factor Authentication

OTPClient: GTK+ Software for Two-Factor Authentication

What is OTPClient?

According to its developers, in its official website on GitHub, it is briefly described as follows:

"It is an OTP client written in C/GTK, which supports both TOTP and HOTP. Therefore, it is highly secure and easy to use for two-factor authentication, supporting both time-based one-time passwords (TOTP) and HMAC-based one-time passwords (HOTP).".

While, in his official website on FlatHub, describe it more broadly as follows:

"It is an easy to use GTK application to securely manage TOTP and HOTP tokens. In it, the content is encrypted on disk using AES256-GCM and the master password is obtained using PBKDF2 with 100k iterations and SHA512 as the hash algorithm. Also, it allows to import/export backups from/to OTP, and import backups from the Authenticator+ app.".


Currently, some of his most outstanding features are:

  1. Support custom digit setting (between 4 and 10 inclusive).
  2. Allows you to set a custom period (between 10 and 120 seconds inclusive).
  3. The local database is encrypted with AES256-GCM.
  4. The key is obtained using PBKDF2 with SHA512 and 100k iterations.
  5. The decrypted file is never saved (and hopefully never swapped) to disk.
  6. The decrypted content resides in a "secure memory" buffer allocated by Gcrypt.
  7. Includes support for both TOTP and HOTP; SHA1, SHA256 and SHA512 algorithm support; and support for Steam codes.
  8. Allows you to import encrypted backup copies of Authenticator Plus; import and export encrypted and/or plain andOTP backups; import and export raw FreeOTPPlus backups (only in key URI format); and import and export the raw Aegis backup (json format only).

App review

Before starting the review of this application, it is worth noting that it will be tested on the respin called MilagrOS 3.0 MX-NG-22.01 based MX-21 (Debian-11) with XFCE and that we recently explored here!.

Download and Installation

For its download and install we have executed the following command prompt in a terminal (console), as shown below:

«sudo flatpak install flathub com.github.paolostivanin.OTPClient»

OTPClient: Screenshot 1

Execution and exploration

Once installed, we can start it and explore it, as shown below:

OTPClient: Screenshot 2

OTPClient: Screenshot 3

OTPClient: Screenshot 4

OTPClient: Screenshot 5

OTPClient: Screenshot 6

OTPClient: Screenshot 7

OTPClient: Screenshot 8

OTPClient: Screenshot 9

OTPClient: Screenshot 10

OTPClient: Screenshot 11

For more information on "OTPClient", you can explore the following links:

Roundup: Banner post 2021

Your Order

In summary, we hope that this guide or tutorial for install "OTPClient", installing its latest version available through the Flatpak package manager, be of great use to many, especially those who need to access important online applications and services, through two factor authenticationBoth time-based one-time passwords (TOTP)As HMAC-based one-time passwords (HOTP).

We hope that this publication is very useful for the entire «Comunidad de Software Libre, Código Abierto y GNU/Linux». And don't forget to comment on it below, and share it with others on your favorite websites, channels, groups or communities of social networks or messaging systems. Finally, visit our home page at «FromLinux» to explore more news, and join our official channel Telegram from DesdeLinux.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.



  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.