[Request] Add QR Code To Token Delivery

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)
User avatar
Site Admin
Posts: 1275
Joined: Wed Feb 05, 2014 3:47 am

[Request] Add QR Code To Token Delivery

Post by parityboy » Sat Jun 10, 2017 5:10 pm

As the title says, it would be useful to have the token expressed as a QR Code when delivered via browser or email. It would make life much easier when adding a new token to OpenVPN on a mobile device.


Re: [Request] Add QR Code To Token Delivery

Post by gee548 » Fri Jun 16, 2017 10:42 am

QR via browser so would it also be possible to have the hashed SHA512 token value encoded as 2nd optional QR code?

@parityboy neat idea !

ofc over the shoulder capture from a fair distance has to be factored in xDDD

Posts: 4
Joined: Thu Jun 15, 2017 10:29 pm

Re: [Request] Add QR Code To Token Delivery

Post by PrivacyActivist » Sat Jun 17, 2017 11:25 am

Hash: SHA512

I suppose it's a cool idea but... It might be simpler for the user to login to their email from their mobile phone. If they don't trust Android or iOS (which I wouldn't blame them) they could manually navigate to the main website and manually enter their token and hash it from the mobile phone.
Version: GnuPG v2

☢ Unofficial Support ☢ All messages are signed with my PGP key (so you can verify that the message has been created by me and has not been tampered with or corrupted). You can view my key here.

User avatar
Site Admin
Posts: 495
Joined: Thu Jan 01, 1970 5:00 am

Re: [Request] Add QR Code To Token Delivery

Post by df » Mon Sep 18, 2017 3:41 pm

The reason we've never gotten around to implementing this is because the QR code would have to point to something, and without a protocol handler in the official OpenVPN app that we recommend, it wouldn't be possible to do a type of scan -> "preload token into app" thing.

So the only way I can think of to use QR codes for token deliver is if we coded our own Android/iOS app, and that's not something we plan on doing anytime soon.

User avatar
Site Admin
Posts: 1275
Joined: Wed Feb 05, 2014 3:47 am

Re: [Request] Add QR Code To Token Delivery

Post by parityboy » Tue Sep 19, 2017 5:42 pm


It would be good enough to deliver the QR code in-browser in the same page where the token is delivered currently. This also gives CS the opportunity to pre-emptively hash the token and generate the QR code from that. Once it's imported into the phone, it's then up to the user to apply SHA512 (or not), and then copy & paste the result into Arne Schwab's OpenVPN client.

It would certainly make life a whole lot easier than the current situation, where a QR code has to be generated manually and then loaded into an image viewer before being scanned.