Overview of 2FAuth
2FAuth is a web application designed to help users manage Two-Factor Authentication (2FA) accounts and generate corresponding security codes. It presents an alternative to widely used OTP generators like Google Authenticator, providing a solution that is suitable for both mobile and desktop devices. A live demo is available for users to explore its functionalities using the credentials [email protected] and demo.
Purpose of 2FAuth
The primary focus of 2FAuth is to streamline 2FA authentication processes across various devices through an intuitive interface. The creator of 2FAuth sought to address several common challenges associated with existing OTP solutions:
- Existing applications often display tokens for all accounts simultaneously, creating a stressful user experience due to countdowns.
- The need for a standalone database that allows easy backup and restoration of 2FA accounts was crucial, especially after experiences of losing smartphones with stored data.
- The inconvenience of having to use a smartphone for OTP retrieval while working on a desktop computer was a pain point.
- A love for coding and the desire for self-hosted solutions sparked the development of 2FAuth.
Key Features
2FAuth offers several user-friendly features, including:
- Managing 2FA accounts by organizing them into groups.
- Quickly adding accounts by scanning QR codes or entering details manually via a user-friendly form.
- Editing capabilities for all accounts, including imported ones.
- Generating TOTP, HOTP, and Steam Guard security codes.
Currently, 2FAuth supports both the English and French languages, with ongoing contributions to expand its language support.
Security
To ensure the protection of user data, 2FAuth incorporates various security measures:
- Single User App: Users must create and authenticate an account to use the app. It is designed for personal use with only one user account permitted.
- Modern Authentication: Supports sign-ins using security keys, such as Yubikey or Titan keys, allowing users to disable traditional login methods.
- Data Encryption: Offers optional encryption for sensitive database data to counter database compromises. It is recommended to back up the APP_KEY in the .env file when encryption is enabled.
- Auto Logout: Automatically logs users out after an inactivity period to prevent indefinite sessions, with an option to deactivate or trigger upon security code copying.
- RFC Compliance: OTPs generated comply with RFC 4226 and RFC 6238, ensuring reliability and consistency.
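For the RFC compliance point above, an added example (not 2FAuth's own code, which runs on PHP): a Python reference for HOTP and TOTP that cross-checks a generator against the published test vectors of RFC 4226 Appendix D and RFC 6238 Appendix B. The function names and the `rfc_mismatches` helper are assumptions made for this illustration.

```python
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6, algo: str = "sha1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte selects a 4-byte window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF  # clear sign bit
    return str(value % 10 ** digits).zfill(digits)  # leading zeros are part of the code

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6,
         algo: str = "sha1") -> str:
    """RFC 6238: HOTP where the counter is the number of elapsed time steps."""
    return hotp(secret, unix_time // step, digits, algo)

# Published test vectors: RFC 4226 Appendix D and RFC 6238 Appendix B (SHA-1 rows).
RFC_SECRET = b"12345678901234567890"
RFC4226_CODES = ["755224", "287082", "359152", "969429", "338314",
                 "254676", "287922", "162583", "399871", "520489"]
RFC6238_SHA1 = {
    59: "94287082",
    1111111109: "07081804",   # catches generators that drop the leading zero
    1111111111: "14050471",
    1234567890: "89005924",
    2000000000: "69279037",
    20000000000: "65353130",  # catches counters truncated to 32 bits
}

def rfc_mismatches(hotp_fn=hotp, totp_fn=totp):
    """Return (label, expected, got) for every vector the generator gets wrong."""
    bad = []
    for counter, expected in enumerate(RFC4226_CODES):
        got = hotp_fn(RFC_SECRET, counter)
        if got != expected:
            bad.append((f"HOTP counter={counter}", expected, got))
    for t, expected in RFC6238_SHA1.items():
        got = totp_fn(RFC_SECRET, t, digits=8)
        if got != expected:
            bad.append((f"TOTP T={t}", expected, got))
    return bad

if __name__ == "__main__":
    print(rfc_mismatches() or "all RFC vectors match")
```

Passing another implementation as `hotp_fn` or `totp_fn` runs the same vectors against it, which is a quick way to confirm that codes from two authenticators will agree.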
Technical Requirements
2FAuth requires:
- PHP version 8.2 or later.
- Compatibility with databases supported by Laravel.
Installation Guides
2FAuth can be installed in several environments:
Upgrading and Migration
For users who wish to upgrade their existing setup, a detailed upgrade guide is available. Additionally, 2FAuth supports importing data from multiple formats such as 2FAuth (JSON), Google Auth (QR code), Aegis Auth (JSON, plain text), and 2FAS Auth (JSON). An import guide is provided to assist in this process.
How to Contribute
There are several ways to contribute to the development and improvement of 2FAuth:
- Report bugs or submit fixes through pull requests on the dev branch.
- Suggest enhancements or new features by submitting ideas, with reference to the 2FAuth development project.
- Enhance language support by contributing translations via the Crowdin platform.
License
2FAuth is distributed under the AGPL-3.0 license.