Posts: 1,417 | Thanked: 2,619 times | Joined on Jan 2011 @ Touring
#1
I got stuck with a banking account which seems to require 2FA from google.
I have no idea how this is supposed to work but it seems to be a QR code I snap with a camera.
Is there a way to pass this 2FA check in a home that only uses real Linux devices?
Will I have to buy a new throw-away android phone to pass the 2FA check?
I am going to dump this account, but for now I have to deal with this.
Ideas?
 

The Following User Says Thank You to biketool For This Useful Post:
Posts: 1,702 | Thanked: 4,752 times | Joined on Apr 2018 @ Helsinki, Finland.
#2
Can't you change it to use email or phone number instead of Qrcode for 2FA? Or if you can set up androidbox and run google authenticator on that?

Or could webcam be used for QRcode in linux somehow to authenticate if that machine is signed in with google?
__________________
"I don't know how but I can try!" (active)

Master of not knowing (active)

For me it is possible to get lost in any case (active)

Learning to fall from high (DONE)

Learning to code with BASIC (WIP)
 

The Following User Says Thank You to Maemish For This Useful Post:
Posts: 1,417 | Thanked: 2,619 times | Joined on Jan 2011 @ Touring
#3
All good ideas, my concern is if I do it wrong it will get locked up and I will have to do way more work than finding an old phone with stock android.
I think I do have an old google account too so good ideas, though I imagine it would want to have access to SMS, right?
(edit)
https://medium.com/@tilaklodha/googl...s-2933a4ece8c2
it seems to need google play....
(edit 2)
I was able to install the google authenticator app onto a tablet with lineageos and microg, it worked for the login, apparently there is also a chromium/chrome app that will work though the app from the aurora store(gets from the google app store) is able to use the QR codes with a camera, not sure about the chromium app.
altogether dirty and I hope to be free of this bank soon, but until then I have a working solution without google play

Last edited by biketool; 2021-12-06 at 20:14.
 

The Following 2 Users Say Thank You to biketool For This Useful Post:
Posts: 645 | Thanked: 519 times | Joined on Apr 2012 @ Finland
#4
Do you have to use Google authenticator? My work says I need Microsoft authenticator app, but I used the QR-code in Google authenticator.
You could try to set up one of these if you took backup of the code: https://alternativeto.net/software/g...nse=opensource

I don't know if http://maemo.org/packages/view/otp/ has time based otp or is compatible.
__________________
────────────────────
Try:My N9 bootvideo
 

The Following User Says Thank You to Mikkosssss For This Useful Post:
Posts: 1,702 | Thanked: 4,752 times | Joined on Apr 2018 @ Helsinki, Finland.
#5
Nice work biketool!!!
 

The Following User Says Thank You to Maemish For This Useful Post:
Posts: 1,417 | Thanked: 2,619 times | Joined on Jan 2011 @ Touring
#6
So with more research I found several free/libre implementations of the same functionality in f-droid(foss android compatible .apk store). The code linked above at medium.com could probably be hacked into one of the existing barcode apps and run on the N900 or whatever device you wanted.
<edit>
Or use this:
https://get2fa.dev/

Last edited by biketool; 2021-12-08 at 12:03.
 

The Following 2 Users Say Thank You to biketool For This Useful Post:
Community Council | Posts: 680 | Thanked: 1,227 times | Joined on Sep 2010 @ Mbabane
#7
Originally Posted by Mikkosssss View Post
Do you have to use Google authenticator? ...
I don't know if http://maemo.org/packages/view/otp/ has time based otp or is compatible.
Yes, this one works very well. I've been using it on my N900 for years, and even ported it to Maemo Leste.

It doesn't support QR codes, and requires conversion of the code/secret according to https://github.com/jwhitbeck/otpn900...ment-408625414.

Other than that, it's pretty reliable :-)
__________________
N900, the essence of life
 

The Following User Says Thank You to sicelo For This Useful Post:
Posts: 1,417 | Thanked: 2,619 times | Joined on Jan 2011 @ Touring
#8
Originally Posted by sicelo View Post
Yes, this one works very well. I've been using it on my N900 for years, and even ported it to Maemo Leste.

It doesn't support QR codes, and requires conversion of the code/secret according to https://github.com/jwhitbeck/otpn900...ment-408625414.

Other than that, it's pretty reliable :-)

Thanks!
I suppose you could cut/paste from a barcode reader.
It may sound stupid, but I have avoided successfully 2fa until now and have moved out of that account so am free of it again; but it is good to know I have an option. I only realized after the fact reviewing some code that this was not a thing relying on google-play services.

I am currently still using stock Maemo5/N900 daily but testing prototyping some hardware for pinephone but I hope the day is near that I can
1-boot Leste from a SD on pinephone
2-make phonecalls/SMS/data
Phosh is not great and even under Debian (Mobian) it is moving slowly while Maemo-Leste is already working with a good base mobile UI OS and apps.

Last edited by biketool; 2021-12-09 at 06:58.
 

The Following User Says Thank You to biketool For This Useful Post:
Community Council | Posts: 680 | Thanked: 1,227 times | Joined on Sep 2010 @ Mbabane
#9
Originally Posted by biketool View Post
Thanks!
I suppose you could cut/paste from a barcode reader.
It may sound stupid, but I have avoided successfully 2fa until now and have moved out of that account so am free of it again; but it is good to know I have an option.
A lot of 'new' tech is of arguable value, but I think 2FA is really worth it to enable on any service where it's supported
 

The Following User Says Thank You to sicelo For This Useful Post:
Posts: 1,417 | Thanked: 2,619 times | Joined on Jan 2011 @ Touring
#10
Originally Posted by sicelo View Post
A lot of 'new' tech is of arguable value, but I think 2FA is really worth it to enable on any service where it's supported
It seems reasonable except that the failure of the electronic device you rely on to combine the secret seed and time to output the verification code means destruction or failure of the device is an automatic lockout.
This is a great solution if we are talking nuclear missiles but I prefer other methods which don't have such a glaring failure mode.
I ended up having that exact failure thinking I had already transferred out what I needed and sent the closure request. I had to show up in person a very long ways away to correct the issue.
Had that been an on-line only account I would have lost my funds or perhaps have been liable for years of fees sometime in the future.
Between military rescue and aviation I just assume everything I rely on will be broken when I really need it most and 2fa relies on a single or several precious devices. Perhaps it is possible to cut/paste the seed for later use, but I think many systems that offer this service do not have a way to recover or worse will kill/reset the 2fa too easily making it a false security.
I really feel that this whole experience was a big show of security theater towards the end where things were reset too easily during the day I was going to the financial institution to confirm the transfer and closure of the account personally. It exposed too many people with admin authority who could be social engineered into opening my account to be emptied or just doxxing my info.
To explain my security mindset I give the example of a friend who lost their protonmail password. They did the password recovery and could read the email subject lines but they lost their crypto key in the reset; a bad actor who had taken the email account couldn't then read any of the messages. Protonmail fails safe. They might even offer 2fa, but with just username and password even a refugee who showed up in Europe or Canada naked could still use an account user/pass stored in their own mind to access communications or even recover a crypto currency wallet.

Last edited by biketool; 2021-12-09 at 15:12.
 

The Following 2 Users Say Thank You to biketool For This Useful Post: