Automic VaultAutomic Vault

brew

Install cotp with Homebrew, apk, apt, Nix, pacman

TOTP/HOTP authenticator app with import functionality. Version 1.9.10 via Homebrew; verified 2026-05-03.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install cotp

local Homebrew formula metadata

Linux

Alpine Linux apkverified · 92%
sudo apk add cotp

Alpine Linux edge package indexes · cotp · source: dl-cdn.alpinelinux.org

Debian aptverified · 92%
sudo apt install cotp

Debian stable package indexes · cotp · source: deb.debian.org

Nixverified · 92%
nix profile install nixpkgs#cotp

nixpkgs package indexes · pkgs/by-name/co/cotp/package.nix · source: api.github.com

Arch Linux pacmanverified · 92%
sudo pacman -S cotp

Arch Linux sync databases · cotp · source: geo.mirror.pkgbuild.com

overview

Package summary

TOTP/HOTP authenticator app with import functionality

Commands and aliases

  • cotp

history

Project history and usage

cotp is a command-line TOTP/HOTP authenticator aimed at users who want two-factor codes in a terminal-accessible, encrypted local database. Its niche is the intersection of password-manager-like local storage and Unix-style CLI workflows.

Project history

The replydev/cotp repository was created in December 2020 and published its first GitHub release later that month. The README says the author created cotp to have minimalist, secure, desktop-accessible software for managing two-factor authentication codes.

Adoption history

The project has remained a smaller security utility rather than a large platform. Its README notes distribution in Linux distro repositories and gives Homebrew, Cargo, and manual source installation paths, which is typical for Rust command-line tools that serve both desktop and shell users.

How it is used

cotp initializes an encrypted database on first run, displays OTP codes in an interactive dashboard, can add TOTP and HOTP entries, lists records as JSON, imports encrypted Aegis backups, exports its database, and can copy selected codes to the clipboard.

Why package nerds care

For package nerds, cotp is notable because it packages sensitive local credential material without depending on a cloud account. The distribution concern is less about daemons or services and more about preserving a stable CLI, encryption format, clipboard integration, and migration/import behavior.

Timeline

  • 2020: replydev/cotp repository created and first release published.
  • 2020: README documented encrypted database storage and import/migration from other authenticator apps.
  • 2026: Project continued publishing releases.

Related projects

  • Aegis, andOTP, Authy migration tooling, RFC 6238 TOTP, RFC 4226 HOTP.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.cotp/db.cotp

executables

Installed executables

CommandKindExposureNote
cotpcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.9.10
manager updated2026-05-03
local dataok
upstreamcurrent
latest detectedv1.9.10

https://github.com/replydev/cotp

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:cotp
Version1.9.10
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/cotp
Homepagehttps://github.com/replydev/cotp
Repositoryhttps://github.com/replydev/cotp
Upstream docshttps://github.com/replydev/cotp#readme
LicenseGPL-3.0-only
Source archivehttps://github.com/replydev/cotp/archive/refs/tags/v1.9.10.tar.gz
Last updated2026-05-03T12:28:26Z
Pulseupdated
Build dependenciesrust
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namecotp
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

cotp 1.9.2-1+b3

Trustworthy, encrypted, command-line TOTP/HOTP authenticator app with import functionality.

https://github.com/replydev/cotp

sudo apt install cotp
  • Section: utils
  • Architecture: amd64
  • Source Package: rust-cotp
  • 2 dependencies
  • normalized package name match
  • Matched by: Cotp
Debian stable package indexes · deb.debian.org · Debian stable package indexes: cotp from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

cotp

nix profile install nixpkgs#cotp
  • normalized package name match
  • Matched by: Cotp
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/co/cotp/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
apk95%

cotp 1.9.7-r0

Trustworthy, encrypted, command-line TOTP/HOTP authenticator app with import functionality

https://github.com/replydev/cotp

sudo apk add cotp
  • License: GPL-3.0-only
  • Architecture: x86_64
  • Source Package: cotp
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Cotp
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: cotp from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
pacman95%

cotp 1.9.10-1

Trustworthy, encrypted, command-line TOTP/HOTP authenticator app with import functionality

https://github.com/replydev/cotp

sudo pacman -S cotp
  • License: GPL-3.0-only
  • Architecture: x86_64
  • 4 dependencies
  • 1 optional deps
  • normalized package name match
  • Matched by: Cotp
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: cotp from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment