PHP library for two-factor (or multi-factor) authentication using TOTP and QR-codes. Inspired by, based on but most importantly an improvement on 'PHPGangsta/GoogleAuthenticator'. There's a .Net implementation of this library as well.
By default, this package uses the lib/Providers/QRServerProvider.php
as QR code generator. This provider is not suggested for applications where absolute security is needed, because it uses an external service for the QR code generation.
You can make use of the included Endroid or Bacon providers which generate locally.
- Requires PHP version >=8.1
- cURL when using the provided
QRServerProvider
(default),ImageChartsQRCodeProvider
orQRicketProvider
but you can also provide your own QR-code provider. - random_bytes(), OpenSSL or Hash depending on which built-in RNG you use (TwoFactorAuth will try to 'autodetect' and use the best available); however: feel free to provide your own (CS)RNG.
Optionally, you may need:
- sockets if you are using
NTPTimeProvider
- endroid/qr-code if using
EndroidQrCodeProvider
orEndroidQrCodeWithLogoProvider
. - bacon/bacon-qr-code if using
BaconQrCodeProvider
.
The best way of installing this library is with composer:
php composer.phar require robthree/twofactorauth
For a quick start, have a look at the getting started page or try out the demo.
If you need more in-depth information about the configuration available then you can read through the rest of documentation.
Licensed under MIT license. See LICENSE for details.
Logo / icon under CC0 1.0 Universal (CC0 1.0) Public Domain Dedication (Archived page)