Back to Home
zv-louis icon

mktotp

Verified Safe

by zv-louis

View Source

Overview

Manage TOTP (Time-based One-Time Password) secrets and generate authentication tokens locally, with an option to run as a local MCP server.

Installation

Run Command
mktotp mcp --mcp-server

Security Notes

The project implements robust security measures for managing TOTP secrets. Sensitive secret strings are stored locally in a JSON file with strict owner-only file permissions (0o600 on Unix, `icacls` on Windows). When acting as a local MCP server, the implementation explicitly prevents the raw secret values from being exposed to the agent (e.g., LLM), only providing non-sensitive metadata like name, account, and issuer. Communication is primarily via stdio, limiting network exposure. No 'eval' or obfuscation is used.

Similar Servers

mcpm.sh

860

MCPM is a command-line tool for managing Model Context Protocol (MCP) servers, enabling discovery, installation, execution, sharing, and integration with various MCP clients.

Other
8
$Low

mcp-use-cli

47

An interactive command-line interface (CLI) tool for connecting to and interacting with Model Context Protocol (MCP) servers using natural language, acting as an AI client that orchestrates LLM responses with external tools.

Other
4
$Medium

authenticator_mcp

30

Enables AI agents to securely retrieve 2FA codes and passwords from a local Authenticator App for automated login processes.

Other
9
$Low

ggmcp

27

A focused MCP server for developers, providing remediation tools for secrets detected in code and honeytoken management capabilities.

Other
9
$Medium

Stats

Interest Score0
Security Score9
Cost ClassLow
Avg Tokens1
Stars0
Forks0
Last Update2025-12-19

Tags

TOTP2FASecurityCommand-line toolMCP Server