Google authenticator invalid barcode on scan
Solution 1
It appears that both Google and IOS Authenticator apps don't like spaces in the 'Account Name' in OTP QR Codes. Replace them with something like - or _ or remove them.
The Windows phone app allows spaces and a version I installed on a Android Phone 6 months ago worked. I didn't get chance to test IOS but it looks like IOS has an issue. Entering the key manually works just fine but not scanning a QR Code with a SPACE in it.
Solution 2
Just replace &secret=
with ?secret=
(don't forget to url-encode).
Also I don't know if this is the case here but the account name cannot have a space. It would work if you scan with Androids, but not with iPhones (go figure!)
Solution 3
You should fully URL encode the data that you pass to the charts API.
otpauth%3A%2F%2Ftotp%2Fuser4%40noemail.com%26secret%3DUOPKN6QFW3J6PW74
That should ensure that the data is encoded properly.
Solution 4
Replace the spaces by %20 in QR code URL. This issue occurs only in Google Authenticator iOS App. In Android, it works without replacing spaces.
Comments
-
Jetoox almost 2 years
here's my code in generating the qr code
public function getUrl($user, $hostname, $secret) { $encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl="; $encoderURL = sprintf( "%sotpauth://totp/%s@%s",$encoder, $user, $hostname); $finalEncodorURL = $encoderURL . "%26secret=". urlencode($secret); return $finalEncodorURL; }
supposedly this will generate a qr code, and it does. but when i scan this code using google authenticator app, it will generate an error
The barcode 'otpauth://totp/[email protected]&secret=UOPKN6QFW3J6PW74' is not a valid authentication barcode.
but when "manual entry" using the secret key, it'll work and i can login just fine using the generated key.
i found stuffs in the internet saying i should urlencode the data, i did, but still it wont work.
here's a sample url generated by the function above:
https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl=otpauth://totp/[email protected]%26secret=UOPKN6QFW3J6PW74
am i missing something or did something wrong?
-
Jetoox almost 10 yearsI did fully url encode the data, but it doesn't work. here's the full url of the qr code chart.googleapis.com/…
-
Jonny Roller over 8 yearsConfirmed... the iOS app does not like spaces. :(