Usage Guide

This guide provides a detailed overview of GAuth's features and how to use them effectively.

The Main Screen

The main screen displays a list of all your configured accounts. Each entry shows:

  • Account Name: The name you provided for the account.
  • One-Time Password (OTP): A 6-digit code that changes periodically.
  • Countdown Timer: A small number in the top-right corner of the list indicates how many seconds are left before all codes refresh.

Adding a New Account

To add a new account, click the Add button at the bottom of the main screen. This will take you to the "Add account" page, which contains a simple form.

  • Account name: A descriptive name for your account (e.g., personal@gmail.com, GitHub (work)). This is for your reference only.
  • Secret key: The Base32 encoded key provided by the service you are enabling 2FA for. Spaces in the key are allowed and will be automatically removed.

After filling out the form, click the Add button to save the account.

Managing Accounts

To manage your existing accounts, click the Edit button in the header of the main screen.

When edit mode is enabled:

  • The Add button becomes visible if it was hidden.
  • A delete icon appears next to each account.

To delete an account, simply click the delete icon next to it. The account and its secret key will be permanently removed from your browser's storage.

Click the Edit button again to exit edit mode.

Settings: Exporting Your Keys

It is crucial to back up your secret keys. GAuth provides an export feature for this purpose.

  1. Click the menu icon in the top-left corner.
  2. Select Settings from the panel.
  3. Click the Export keys button.

This will generate and download a file named gauth-export.json. This file contains all your account names and secret keys in a plain-text format.

[
  {
    "name": "alice@google.com (demo account)",
    "secret": "JBSWY3DPEHPK3PXP"
  },
  {
    "name": "GitHub (personal)",
    "secret": "HEWXYZABCHEWQ7C4"
  }
]

Security Warning: The exported gauth-export.json file contains your sensitive 2FA secret keys. Anyone with access to this file can generate codes for your accounts. Store this file in a secure, encrypted location, such as a password manager or an encrypted disk image.

Offline Functionality

GAuth is designed to work completely offline. After you load the application for the first time, your browser will save all necessary files using the Application Cache (as defined in cache.manifest). This means you can open your browser and use GAuth to generate codes even without an active internet connection.