In this tutorial, we are going to autogenerate time-based TOTP using python for Automated Login purposes. TOTP-based login verification is a standard now most brokers across the country had adopted as Two Factor Authentication. In this tutorial used AngelOne Trading Account for the TOTP generation process. Broker to Broker the TOTP generation procedure might vary.
What is 2-factor authentication (2-FA)?
The 2FA or 2-factor authentication is a user authentication process where brokers offer to traders/investors any two of the following three types of authentication mechanisms to users for logging in to their online trading account-
- Knowledge factor (i.e. something that only the user knows) e.g. PIN, password, etc.
- Possession factor (i.e. something that only the user has) e.g. OTP, security token, authenticator apps on smartphones, etc.
- Biometrics (i.e. biological identity markers of the person) e.g. fingerprint, face id, pattern, etc.
Manual TOTP Generation Process using Google Authenticator
Step 1 – Visit smartapi.angelbroking.com/enable-totp
Step 2 – Enter your Angel One client id and trading terminal password or MPIN
Step 3 – Enter OTP sent to the Registered email & mobile. Once OTP is entered, you will see a QR code on the screen and a token number on the screen.
Step 4 – Open the Google Authenticator App. Install it from Android Playstore or Apple Store
Step 5 – Scan the QR code generated from our site on your authenticator app
Google authenticator now generates TOTP(Time-based OTP) and it is valid for 60 seconds. Use this for manual TOTP verification
How to Generate TOTP using Python Automatically?
PyOTP is a Python library for generating and verifying TOTP-based login verification. It can be used to implement two-factor (2FA) or multi-factor (MFA) authentication methods in web applications and in other systems that require users to log in.
Install pyOTP library using the PIP command
pip install pyOTP
Python Code for TOTP generation
import pyotp
import time
token = 'enter your QR code token'
totp = pyotp.TOTP(token).now()
print("Totp is : "+totp)
Output:
Totp is : 979337
The generated TOTP should be exactly matching with Google Authenticator