SailOTP Online Help
Main View and Active Cover
After the first start of SailOTP you will be greeted with an empty main view.
To add tokens, use the top pulley menu, and select Add Token. For details on adding Tokens, see Adding Tokens
Export / Import allows you to export all tokens to an encrypted backup file or import them from a previous backup.
Added tokens are shown in a list. At the top is a timer bar, which runs down for 30 seconds. It shows how long the current tokens are valid.
Each token has 2 or 3 columns:
The Starring Marker at the Left
The starred token will be shown on the Active Cover
Title and Token Value in the Middle
The selected title of the token and its current value. Taping on it will copy the token to the clipboard.
Refresh Button on the Right (Only for HOTP Tokens)
This button is only shown for counter-based tokens. Taping the button will increase the counter by one and generate the next token.
A long tap on the token will open the list menu.
By using the Move Up and Move Down options, the tokens can be reordered.
The order used in the Main View is also the order of the tokens when switching them on the Active Cover.
With the Edit option you can change the settings of a token, including its title, secret, type and length.
From the Edit Page it is also possible to show a QR-Code of the current settings (using the pulley menu on this page), e.g. for exporting a token to another device.
The settings on the Edit Page are the same as for adding tokens, a detailed description can be found in the next section.
The option Delete will permanently delete the selected token after a 5s remorse timeout.
On the Active Cover of SailOTP, the currently starred token is shown.
You can switch to the next/previous token in the list with the arrow buttons at the bottom.
The token will automatically refresh for all time-based types, 5s before the next token is generated the token colour will switch to red.
For HOTP tokens the left arrow will be replaced with a refresh button, so you can generate the next token from the cover.
SailOTP supports TOTP, HOTP and Steam Guard tokens. New tokens can be added by scanning a QR-Code, or by manually editing the settings.
From the Add Token option in the Main Views pulley menu you'll get to the Scan page.
This page will activate the camera to make it possible to scan the QR-Code as it is provided by most services when activating OTP authentication
Tap the screen to start scanning, the title at the top left of the page will switch to scanning... Taping the screen again will stop the scan.
If a valid token config was found in the QR-Code, SailOTP will automatically switch to the settings page to confirm the settings and save it.
If you don't have a QR-Code but only the settings (token secret) you can switch to the settings page without scanning by using the pulley menu on the scan page.
The available settings depend on the selected / recognized token type.
For time based tokens (TOTP) the settings are as shown here:
Title: Title of the token to show in the list (e.g. Service Name)
Secret: The shared secret of the token, as provided by the service (Note: The Secret has to be BASE32-Encoded)
Length: The number of Digits for the token, default value is 6
Time Derivation: Time based tokens depend on a synchronized time between the server and the device running SailOTP.
A positive or negative value of seconds here can be used to compensate for a time difference between the server and SailOTP
For counter based tokens (HOTP) the first 3 Settings (Title, Secret, and Length) are the same as with TOTP-tokens.
The fourth setting is the Next Counter Value. It defines the initial counter that is used to generate the next token. If you
activate HOTP for a service for the first time, this should normally be 1. If you are importing from another token generator / device,
the counter has to be set to the last value of the device you are importing from.
For Steam Guard tokens, only the Title and the Secret can be set, since all other Settings are predefined for this type.
At the moment SailOTP can't do the initial activation process for Steam Guard, so activating it has to be done with the official Android App.
To get the secret form the Android App the following steps are neccessary:
Open the Terminal on your SailfishOS Device
Switch to root with devel-su
Change to the directory /opt/alien/data/data/com.valvesoftware.android.steam.community/files/
Open the file Steamguard-<steamid> from the directory
Find the URL string which looks like this: otpauth://totp/Steam:<your_steam_username>?secret=<secret>&issuer=Steam
You can now use the secret from the URL to manually add the token to SailOTP
Export and Import
SailOTP can export the settings of all Tokens to an encrypted backup file for backup purposes or for transferring them to another SailOTP instance.
Export and Import can be initiated from the Main Views pulley menu by choosing the Option Export / Import
SailOTPs backup file is a JSON textfile encrypted with AES-265-CBC and encoded with Base64. If you want to extract the settings outside of SailOTP,
You can do so by using openssl:
openssl enc -d -a -A -md md5 -aes-256-cbc -in sailotp_20160723.aes
This command will print the JSON-Formated settings to STDOUT
The default path for the backup file is the home directory of the nemo user. The filename is set to sailotp_<YYYYMMDD>.aes by default. You can edit
the path and filename to your liking.
If the option Overwrite existing is active, the Export will overwrite any existing files of the same name. Without this option, the export will
not work if a file with the chosen name already exists.
Password defines the Password that is used for AES-encrypting the backup file. Make sure to chose a strong password, since the backup file contains
the secrets of all tokens that are configured in SailOTP. To exclude the possibility of typos in the password, it has to be entered twice.
For import you have to put in the path and filename to an existing backup file. You also need the password that was used to export the file.
Existing tokens will not be overwritten by the Import. If the backup file contains a token that is already configured ins SailOTP (Title and Secret match)
It will not be added again.