If a service wants you to download #GoogleAuthenticator for #Android or #iOS to activate mandatory 2nd authentication factor:
- It's the same as using
<space> nitropy nk3 secrets add-otp --protect-with-pin --touch-button --digits-str 6 --kind totp paloalto <seed> with your #Nitrokey 3 - don't forget to check the command history to delete the key from there in case the leading space of the
nitropy-command didn't stop your shell from saving the command to history.
- If they then show you a QR you're supposed to scan with your always online, known to be unsecure, sending everything to the cloud device there's ususally a button for
can't scan that'll show you the seed
right click/inspect (q) which you can use to have a quick look at the source of the element to copy the seed from the source (think about how secure your clipboard is and whether you need to delete the seed afterwards from it. Big mess: clipboard history writing to disk possibly without full disk encryption).
- Otherwise - if there's no way to get a text view of the seed - take a screenshot of the qr, save it, and use
zbarimg <screenshot-file> to get the text reading from the qr