Two Factor Authentication With The ESP8266

January 4, 2018 by Tom Nardi 23 Comments

Google Authenticator is a particularly popular smartphone application that can be used as a token for many two factor authentication (2FA) systems by generating a time-based one time password (referred to as TOTP). With Google Authenticator, the combination of your user name and password along with the single-use code generated by the application allows you to securely authenticate yourself in a way that would be difficult for an attacker to replicate.

That sounds great, but what if you don’t have a smartphone? That’s the situation that [Lady Ada] recently found herself in, and rather than going the easy route and buying a hardware 2FA token that’s compatible with Google Authenticator, she decided to build one herself based on the ESP8266. With the hardware and source documented on her site, the makings of an open source Google Authenticator hardware token are available for anyone who’s interested.

Generated codes can also be viewed via serial.

For the hardware, all you need is the ESP8266 and a display. Naturally [Lady Ada] uses her own particular spin on both devices which you can purchase if you want to create an identical device, but the concept will work the same on the generic hardware you’ve probably already got in the parts bin. Software wise, the code is written in CircuitPython, a derivative of MicroPython, which aims to make microcontroller development easier. If you haven’t tried MicroPython before, grab an ESP and give this a roll.

Conceptually, TOTP is relatively simple. You just need to know what time it is, and run an SHA1 hash. The time part is simple enough, as the ESP8266 can connect to the network and get the current time from NTP. The calculation of the TOTP is handled by the Python code once you’ve provided it with the “secret” pulled from the Google Authenticator application. It’s worth noting here that this means your 2FA secrets will be held in clear-text on the ESP8266’s flash, so try not to use this to secure any nuclear launch systems or anything, OK? Then again, if you ever lose it the beauty of 2-factor is you can invalidate the secret and generate a new one.

We’ve covered the ins and outs of 2FA applications before here at Hackaday if you’d like to know more about the concept, in addition to previous efforts to develop a hardware token for Google Authenticator.

Jean-Luc PYcARD Is A Pocketable Python Development Platform

February 23, 2017 by Elliot Williams 11 Comments

It’s a good thing that a ridiculous pun and a screenprint of Jean-Luc Picard on the bottom of the board is enough to qualify for the 2017 Hackaday Sci-Fi Contest, because [bobricius]’s Python-plus-Arduino card and environmental sensor potpourri is very cool.

The PCB design itself is great. It’s got a gigantic LED array, cutout for a wrist strap, and an onboard USB plug so you can program it just by sticking it in your computer; it shows up as a USB mass storage device when you plug it in. The files that show up on the “drive” are Micropython code that you can edit, save, and then run directly on the device. You can hardly beat that for convenience.

And there’s a full complement of sensors: not one but two temperature and humidity sensors, including our recent favorite BME280, which also reads barometric pressure. (We suspect that makes it a tri-corder.) There’s a real-time clock, a buzzer, and some buttons. Want to add more sensors? I2C ports are broken out for your convenience.

Besides having Star Trek flair, this board would give the various educational platforms a run for their money: Micro:bit, we’re looking at you. Very cool indeed!

Friday Hack Chat: CircuitPython With Adafruit Engineers

January 25, 2017 by Mike Szczys 38 Comments

What the heck is CircuitPython? Get that question answered along with many more during this Friday’s Hack Chat. Three engineers from Adafruit join us as [Ladyada], [Tony DiCola], and [Scott Shawcoft] lead a CircuitPython discussion at Noon PST on 1/27/17.

CircuitPython is Adafruit’s new extension on the MicroPython codebase. It adds support for SAMD21 processors in MicroPython and reworks the API for better support across platforms and better documentation. Does this still sound like jibberish? The Python programming language has been extended to microcontrollers. CircuitPython is furthering that work and this Hack Chat is the perfect opportunity to talk with the people who are doing that work. They will also be doing a giveaway of five CircuitPlayground m0 Express boards (brand new, not yet released hardware).

Don’t miss this Hack Chat! Here’s a handy web tool to help convert Friday, January 27 at noon PST to your local time.

Here’s How to Take Part:

join-project-team-message-buttons — Buttons to join the project and enter Hack Chat

Hack Chats are live community events that take place in the Hackaday.io Hack Chat group messaging. Visit that page (make sure you are logged in) and look for the “Join this Project Button” in the upper right. Once you are part of the project, that button will change to “Team Messaging” which takes you to the Hack Chat.

You don’t have to wait for Friday, join Hack Chat whenever you like and see what the community is currently talking about.

ESP8266 MicroPython Contest Gives You The Excuse You Need

July 29, 2016 by Elliot Williams 3 Comments

As if the prospect of having everyone’s favorite scripting language ported over weren’t enough to get you to install MicroPython on a spare ESP8266, there is now a contest for that. Over on Hackaday.io the MicroPython on ESP8266 contest is under way and you’ve only got until the end of August to submit your creation.

The prizes? First place gets an OpenMV camera board because [Radomir], who’s running the contest, has an extra one. OK, it’s not as lush as the corporate-sponsored goody-bag that we’ve got running in the Hackaday Prize, but there’s no reason that you can’t enter both. And if anyone wants to throw some more goodies into the pot, I’m sure they’d be welcome.

The rules are simple: use an ESP8266 or ESP8285 with MicroPython and post the project up on Hackaday.io. Bonus points are given for creating new libraries or hardware drivers. Basically, this just gives you an extra reason to get in there and play around. How cool is that?

If you need a start-up on MicroPython on the ESP8266, the official tutorial is great. We wrote up a first-look review of running MicroPython on the WeMos D1 hardware, but were plagued with (re-)flashing difficulties, so we’re going to have to give it another go.

MicroPython On The ESP8266: Kicking The Tires

July 21, 2016 by Elliot Williams 32 Comments

Scripting languages are for large computers, right? “Real” embedded device work is a hellish, never-ending cycle of code, compile, and re-flash. Well, I used to think so too, but with the proliferation of scripting and other interactive languages to microcontrollers over the last few years, the hurdle to interactive development on the small chips has gotten a lot lower.

On the ESP8266 platform, I’ve tried out NodeMCU’s Lua and ESP8266 BASIC. (For the last half-year, I’ve been using the awesome Mecrisp-Stellaris almost exclusively on the STM32F1xx and F4xx chips, but haven’t dipped into ESP8266 Forth yet.)

NodeMCU is great because it’s got everything you could want built in, and through cloud services it’s easy to get a tailored build made that maximizes free flash memory for your projects. I just don’t dig the asynchronous Lua thing (you might, try it!). ESP BASIC has a different set of libraries, and is missing MQTT for my purposes. Still it’s pretty slick, and worth a look.

So when the MicroPython folks announced that they were releasing the binary builds for the ESP, I thought it was time to give it a spin. I’ve used Python for nearly twelve years now, so it’s like a comfortable shoe for me. Would MicroPython be the same on the ESP8266? The short answer is yes and no.

Continue reading “MicroPython On The ESP8266: Kicking The Tires” →

Micropython Binaries For The ESP8266 To Be Released

July 11, 2016 by Elliot Williams 20 Comments

MicroPython is a Kickstarted project that brings Python to small, embeddable devices. As part of the terms of the Kickstarter, supporters were to get exclusive access to binary builds, with a few exceptions. Now it looks like the ESP8266-version is going to be added to the binary list. This is awesome news for anyone who enjoys playing around with the popular WiFi chip.

But even more heartwarming is the overwhelming response of the Kickstarter’s backers for making the binary builds public. Basically everyone was in favor of opening the binaries up to the general public, and many wrote that they wanted public binaries all along. People can be so giving.

But there’s also something in it for them! The more people get behind MicroPython, the more (free and paid) development support it will warrant, and the more bug reports it will garner. Wins all around. So keep clicking refresh on the binary list until you see it live. Or better yet, if you’re interested, head over to the forum. (Or just wait for us to cover it here. You know we will.)

Electromagnetic Field’s Badge Hanging In The Balance

May 18, 2016 by Elliot Williams 5 Comments

Making conference badges is a tough job. Unless you’re sitting on a gold mine, you have to contact a whole bunch of sponsors for help, work the parts that you can get into a coherent design, and do it all on the quick for a large audience. The EMF team is this close to getting it done, but they need some sponsorship for the assembly. If you know anyone, help them out! If they can’t line something up in the next two weeks, they’ll have to pull the plug on the badge entirely.

Electromagnetic Field is a summer-camp hacker convention / festival that takes place in England and is now in its third iteration. As with other big cons, the badge is a good part of the fun.

The 2016 EMF badge looks to be amazing. It’s powered by an ST STM32L4 low-power micro, a color LCD screen, a TI CC3100 WiFi radio module onboard, and a ridiculous number of other features including a gyro and magnetometer, and a giant battery. It’s also a testbed for the brand-new MicroPython, which aims to bring everyone’s favorite scripting language to embedded processors. In fact, they’ve largely built the MicroPython WiFi drivers for the badge.

If they can’t get a sponsor, all is not lost because everything is open source. We’ll all reap the benefits of their hard work. But that’s not the point. The point is that hundreds of hackers will be standing around in a field outside of London without the most audacious badge that we’ve seen designed dangling from their necks.
If you know anyone who can help, get in touch?

Thanks [schneider] for the tip!