System › BluePass
thumb_up Follow me on GitHub to get notifications about my projects (like Fossdroid Core), thanks! close

BluePass

BluePass extracts 2FA tokens from SMS and forwards them via Bluetooth
Version: 0.2.1
Added: 02-11-2021
Updated: 02-11-2021
Description

BluePass extracts two factor authentication codes (2FA) from SMS and sends them
to a paired device via Bluetooth RFCOMM. A Qt based companion app
bluepass-server
will receive the 2FA codes and provide them via the system clipboard.


Use Case

The company I work for is relying on third party services that require to
authenticate using 2FA. The second factor is an SMS to your mobile phone.
This app was built for convenience, to avoid having to unlock your phone,
find the message and then type the received code on the PC.

It is not about the time saved, it's about getting rid of robot tasks.


Setup

You have to configure parameters to match the sender of the SMS and parse
the code from the messages sent to you. Currently, regular expressions are
used for this task. However, a very basic setup will be provided below.

Regular expression for sender has to be set to a regular expression that
matches all the senders of SMS (as they appear in your chat application).
Multiple numbers and names can be provided:

  • To match CompanyA, you might simply putCompanyA into the box

  • To match CompanyA and 12345678, write (CompanyA|12345678)



Regular expression to filter the content has to be set to a regular expression
that matches the messages you want to catch. Additionally, it has to define one group
to extract the actual code that has to be sent to the PC.


  • To match any number, you can use [^\d]*(\d+).*

  • To match a code only with 6 digits, use: .*(\d{6}).*



... as the process of defining a proper regular expression is not that easy, there is
another text box Test message. You can paste here the content of the SMS that
you want to match and adjust the regular expression until it gets parsed correctly.

The last step of the configuration is to pair with the bluetooth adapter of your PC
and configure the adapter to be used.


Operation



  • Whenever your mobile phone receives an SMS (and the settings above are
    configured), this app will try to match the sender and content. If one
    of the two doesn't match, the message will not be processed any further.


  • If the 2FA code could be extracted, a foreground service will be started
    (status bar) and the app tries to connect to the configured Bluetooth
    adapter and sends the code. It retries for some amount of time and reports
    the status in the status bar. Note: The notification in the status
    bar doesn't automatically disappear. However, this doesn't consume any
    resources and can be removed using the Stop button.


  • If the code is required on the mobile phone, it can be copied using the
    Copy last button.




Protocol

The communication is based on very simple primitives using an RFCOMM channel. The
UUID for the service is e4d56fb3-b86d-4572-9b0d-44d483eb1eee. Extracted codes
are sent as text (over a secure Bluetooth connection) terminated with a new line
character. Therefore, codes may not contain any new line characters.


Future


  • The protocol will be changed to something more sophisticated and extensible


  • Configuration of the sender should be done through contact providers and
    not use regular expressions

  • Allow to use this app to share text / files with the PC


Screenshot of BluePass Screenshot of BluePass Screenshot of BluePass
code Source file_download Download