Submitted by KryptoSC t3_zyaxad in wallstreetbets
DamnCoolGuy t1_j25oocd wrote
Don't be discouraged by manual authentication. You can still automate it using selenium or similar. Not sure if you have it for Python though but was there for C#.
KryptoSC OP t1_j25q0vi wrote
Many of the firms now require manual authentication with 2FA, so selenium is not going to work. I've done a substantial amount of web-scraping with selenium for my work, so I'm familiar with what you're suggesting. In the past, I tried using selenium to automate retrieving the refreshed code from eTrade , but they had something that was blocking my script from reading the code that was generated, so I gave up on it.
uwu2420 t1_j27tbvf wrote
If the 2FA is TOTP, then get a TOTP generator library
If the 2FA is SMS, set up a $3/mo number through Twilio.
What is the problem?
golden_bear_2016 t1_j29sua4 wrote
Interactive Brokers got you beat because you they run their own 2FA protocol with their IB Key authentication.
uwu2420 t1_j29uncq wrote
I’m a reverse engineer (mostly as a hobby) so I welcome the challenge should I need that at some point. :)
Although… it’s well known in information security to not roll your own cryptography or to rely on security by obscurity. And in my experience, most proprietary 2FA apps do use some form of standard 2FA algorithm, they might just be using a proprietary way of sharing the 2FA secret, have undocumented APIs for rolling secrets, or are using lesser-known (but still, standardized) 2FA algorithms like HOTP, which are all reasonably easy to figure out for a determined enough developer.
golden_bear_2016 t1_j29w5qh wrote
If you manage to do it, please let me know. Would be more than happy to buy you a coffee if you have the steps.
Right now I have sort of a workaround that's pretty janky and not reliable enough.
Viewing a single comment thread. View all comments