awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

75 dépôts

Awesome GitHub RepositoriesTwo-Factor Authentication

Tools for generating and managing time-based or counter-based authentication tokens.

Distinguishing note: Focuses on the generation of TOTP/HOTP codes for account security.

Explore 75 awesome GitHub repositories matching security & cryptography · Two-Factor Authentication. Refine with filters or upvote what's useful.

Awesome Two-Factor Authentication GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • awesome-selfhosted/awesome-selfhostedAvatar de awesome-selfhosted

    awesome-selfhosted/awesome-selfhosted

    299,516Voir sur GitHub↗

    Ce projet est un répertoire de logiciels open source organisé par la communauté, conçu pour être déployé dans des environnements de serveurs privés et des laboratoires domestiques. Il sert de ressource complète pour découvrir des alternatives indépendantes et auto-hébergées aux services cloud grand public, permettant aux utilisateurs de conserver la pleine propriété des données et le contrôle de leur infrastructure numérique. Le répertoire est structuré par une taxonomie hiérarchique qui organise une vaste collection d'applications en catégories logiques, allant de la gestion multimédia et de l'analyse de données à la communication privée et aux outils de productivité d'équipe. Il se distingue par un processus de revue par les pairs collaboratif, où les membres de la communauté valident la qualité et la pertinence de chaque soumission pour garantir que le répertoire reste précis et fiable. Le projet couvre une large surface de capacités, notamment l'automatisation de l'infrastructure, le déploiement de services basés sur des conteneurs et la gestion de configuration déclarative. Ces outils aident les utilisateurs à maintenir des environnements de serveur reproductibles et à gérer des dépendances de services complexes sur du matériel privé. Le répertoire est maintenu en tant que dépôt contrôlé par version, garantissant que toutes les mises à jour et les changements pilotés par la communauté sont suivis et transparents.

    Stores and generates security tokens for two-factor authentication accounts to secure user logins.

    awesomeawesome-listcloud
    Voir sur GitHub↗299,516
  • quantumnous/new-apiAvatar de QuantumNous

    QuantumNous/new-api

    39,722Voir sur GitHub↗

    This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,

    Allows for the disabling of two-factor authentication requirements for specific user accounts.

    Goai-gatewayclaudedeepseek
    Voir sur GitHub↗39,722
  • sahat/hackathon-starterAvatar de sahat

    sahat/hackathon-starter

    35,226Voir sur GitHub↗

    This project is a Node.js web application boilerplate designed to accelerate development by providing a pre-configured foundation with integrated routing, templating, and developer tooling. It serves as a comprehensive starter kit that includes a full-stack authentication system, a payment integration starter, and an LLM agent framework. The framework distinguishes itself with specialized tools for AI development, including a retrieval-augmented generation implementation kit with vector search and semantic caching. It enables the creation of reasoning agents featuring tool-calling loops and r

    Secures user accounts by requiring second-factor verification via email codes or authenticator apps.

    JavaScriptboilerplatehackathonhacktoberfest
    Voir sur GitHub↗35,226
  • ente-io/enteAvatar de ente-io

    ente-io/ente

    27,281Voir sur GitHub↗

    Ente is a privacy-focused platform for end-to-end encrypted storage and two-factor authentication management. It functions as a zero-knowledge identity provider, ensuring that all cryptographic operations, key derivation, and data encryption occur locally on the user's device. By maintaining this architecture, the service provider remains unable to access or decrypt any stored personal information or authentication credentials. The platform distinguishes itself through a combination of on-device intelligence and resilient data distribution. It utilizes a local machine learning engine to perfo

    Creates two-factor authentication codes with support for end-to-end encrypted cloud backups.

    Dart2faandroidauthy
    Voir sur GitHub↗27,281
  • firefly-iii/firefly-iiiAvatar de firefly-iii

    firefly-iii/firefly-iii

    22,431Voir sur GitHub↗

    Firefly III is a self-hosted personal finance management system built on a double-entry bookkeeping engine. It provides a comprehensive platform for tracking income, expenses, and account balances while maintaining financial integrity through structured accounting principles. Designed for private use, the system supports multi-user access, allowing independent financial administrations to coexist within a single installation. The platform distinguishes itself through extensive automation and integration capabilities. It features a robust REST JSON API and webhook system that enables programma

    Requires an additional verification code from an authenticator app during login to protect user accounts against unauthorized access.

    PHPaccountingbudgetbudgeting
    Voir sur GitHub↗22,431
  • trojan-gfw/trojanAvatar de trojan-gfw

    trojan-gfw/trojan

    19,724Voir sur GitHub↗

    Trojan is a censorship circumvention tool and TLS proxy server designed to bypass network restrictions by imitating legitimate web services. It functions as a TLS traffic obfuscator that masks proxy activity by mimicking the handshake and data flow of standard HTTPS requests. The system disguises network traffic as common web browsing to avoid deep packet inspection. It achieves this by wrapping TCP and UDP data within TLS encryption and forwarding unauthenticated or unauthorized requests to a legitimate destination website to hide the proxy's purpose. The project provides a tunnel that conv

    The service responds to plain HTTP requests with a specific file to mimic a legitimate web server.

    C++anticensorshipantisurveillancebypass-gfw
    Voir sur GitHub↗19,724
  • getgrav/gravAvatar de getgrav

    getgrav/grav

    15,395Voir sur GitHub↗

    Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru

    Protects administrative access by requiring time-based one-time passwords from external authenticator applications.

    PHPcmscontentcontent-management
    Voir sur GitHub↗15,395
  • diaspora/diasporaAvatar de diaspora

    diaspora/diaspora

    13,658Voir sur GitHub↗

    Diaspora is a federated social networking platform that allows users to run and manage self-hosted community servers, known as pods. It operates as a distributed network where independent server nodes exchange content and users using open protocols and standardized communication schemas. The platform is distinguished by its focus on decentralized identity management and privacy-preserving communication. It includes a privacy-focused media proxy that routes external assets through a local server to protect user identity and supports cross-instance account migration, allowing users to move thei

    Secures user accounts by requiring time-based one-time passwords during the sign-in process.

    Rubydecentralizeddistributedfederated
    Voir sur GitHub↗13,658
  • ccfos/nightingaleAvatar de ccfos

    ccfos/nightingale

    13,108Voir sur GitHub↗

    Nightingale is a Prometheus-compatible monitoring and alerting platform designed to centralize telemetry management across multiple time-series databases. It functions as a multi-source alerting engine and metric data pipeline that ingests telemetry via remote write protocols and triggers alarms based on data from sources such as Prometheus, Elasticsearch, Loki, and ClickHouse. The system is distinguished by its automated alert healing system, which executes predefined scripts and RPC-based corrective actions when monitoring thresholds are breached. It supports distributed alert processing, a

    Handles authentication and session persistence using JSON Web Tokens with configurable expiration times.

    Goalertingccfmetrics
    Voir sur GitHub↗13,108
  • keeweb/keewebAvatar de keeweb

    keeweb/keeweb

    12,942Voir sur GitHub↗

    KeeWeb is a web-based password manager and vault that allows users to open and edit encrypted databases through a browser interface. It functions as a cross-platform tool for managing password vaults using the KeePass database format. The application provides a self-hosted password vault that can be deployed as a single HTML file or via Docker. It integrates with remote storage providers using OAuth to synchronize encrypted database files across multiple devices. The system includes capabilities for secure credential generation, two-factor authentication management through time-based one-tim

    Generates time-based one-time passwords (TOTP) to provide an extra layer of account security.

    HTML
    Voir sur GitHub↗12,942
  • beemdevelopment/aegisAvatar de beemdevelopment

    beemdevelopment/Aegis

    12,613Voir sur GitHub↗

    Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur

    Generates time-based and counter-based security codes to verify user identity across online services.

    Java2faandroidauthenticator
    Voir sur GitHub↗12,613
  • withspectrum/spectrumAvatar de withspectrum

    withspectrum/spectrum

    10,838Voir sur GitHub↗

    Spectrum is an open-source community platform designed for developer teams to host real-time threaded discussions, share code, and collaborate around GitHub projects. It provides a complete environment for creating and managing online communities with organized channels, member roles, and content moderation tools that keep conversations civil and on-topic. The platform integrates directly with GitHub, enabling users to authenticate through GitHub OAuth, search across code repositories and projects, and connect discussions to repository activity. Spectrum offers role-based team permission mana

    Requires a second verification step beyond a password to confirm user identity during login.

    JavaScriptexpoflowtypegraphql
    Voir sur GitHub↗10,838
  • lucia-auth/luciaAvatar de lucia-auth

    lucia-auth/lucia

    10,461Voir sur GitHub↗

    Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for

    Enforces two-factor authentication using time-based one-time passwords from authenticator apps.

    authoauthtypescript
    Voir sur GitHub↗10,461
  • samratashok/nishangAvatar de samratashok

    samratashok/nishang

    9,951Voir sur GitHub↗

    Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a

    Disables the Antimalware Scan Interface using techniques like module unloading or DLL hijacking.

    PowerShellactivedirectoryhackinginfosec
    Voir sur GitHub↗9,951
  • kanboard/kanboardAvatar de kanboard

    kanboard/kanboard

    9,663Voir sur GitHub↗

    Kanboard est un outil de gestion de projet Kanban auto-hébergé et une suite de productivité conçue pour le suivi des tâches logicielles et la collaboration d'équipe. Il fournit un système visuel pour gérer les flux de travail via l'utilisation de tableaux, de colonnes et de cartes. Le projet dispose d'un framework de plugin extensible et d'une API complète pour l'administration programmatique des tâches et des projets. Il inclut une gestion d'identité spécialisée via l'intégration LDAP, permettant la synchronisation des comptes utilisateurs et des permissions de groupe depuis les serveurs d'annuaire. Le système couvre un large éventail de capacités, y compris l'automatisation du flux de travail pilotée par les événements, des analyses de projet détaillées telles que les graphiques d'avancement et la mesure du temps de cycle, et un contrôle d'accès granulaire basé sur les rôles. Il prend également en charge le suivi du temps intégré, la décomposition des sous-tâches et l'authentification multi-méthodes, y compris l'authentification à deux facteurs et le support de proxy inverse. L'application est compatible avec MySQL et PostgreSQL pour le stockage de données persistant et peut être déployée en utilisant Docker Compose.

    Implements time-based one-time passwords to add a secondary security layer after primary login.

    PHPagilekanbankanboard
    Voir sur GitHub↗9,663
  • lissy93/awesome-privacyAvatar de Lissy93

    Lissy93/awesome-privacy

    9,500Voir sur GitHub↗

    This project is a curated directory and catalog of privacy-respecting software and security-focused services. It serves as a structured resource for finding alternatives to corporate services, focusing on tools that prioritize data sovereignty, end-to-end encryption, and user anonymity. The directory is maintained as a markdown-based resource list and rendered via a static site generator. It further extends its utility through a CORS-enabled public API and a JSON-based data schema, allowing the curated catalog of tools and providers to be retrieved programmatically. The collection covers a w

    Lists tools for generating and managing time-based or counter-based authentication tokens.

    Astro
    Voir sur GitHub↗9,500
  • home-assistant/home-assistant.ioAvatar de home-assistant

    home-assistant/home-assistant.io

    9,466Voir sur GitHub↗

    Home Assistant is a local home automation platform and server that acts as an IoT device orchestrator. It integrates diverse smart home hardware by wrapping third-party APIs into a standardized logic layer and stores all system state and historical statistics on local hardware to eliminate cloud dependencies. The system functions as a Matter IoT controller and an MQTT home automation bridge, allowing for local interoperability between different manufacturers. It features a state-based entity model and an internal event bus that decouple physical device logic from system automation. The platf

    Home Assistant requires a time-synchronized six-digit code from a mobile app to verify a user during login.

    HTMLdocumentationhacktoberfesthass
    Voir sur GitHub↗9,466
  • kylemanna/docker-openvpnAvatar de kylemanna

    kylemanna/docker-openvpn

    9,089Voir sur GitHub↗

    This project provides a complete OpenVPN server deployment packaged as a Docker container, with an integrated EasyRSA certificate authority for automated public-key infrastructure management. It handles the full lifecycle of a VPN server, from initial PKI bootstrap and server configuration generation to client certificate issuance and revocation, all within a containerized environment. The server is configured entirely through Docker environment variables, eliminating the need for manual configuration file editing. It supports time-based one-time password (TOTP) authentication as a second fac

    Enforces time-based one-time passwords from authenticator apps as a second factor for OpenVPN client logins.

    Shelldockerdocker-containerdocker-openvpn
    Voir sur GitHub↗9,089
  • teamhanko/hankoAvatar de teamhanko

    teamhanko/hanko

    8,801Voir sur GitHub↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Enforces multi-factor authentication and single sign-on requirements to ensure secure identity verification.

    Go2faauthenticationciam
    Voir sur GitHub↗8,801
  • bitwarden/androidAvatar de bitwarden

    bitwarden/android

    8,457Voir sur GitHub↗

    This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a

    Generates time-based one-time passwords directly within the vault for integrated two-factor authentication.

    Kotlinandroidbitwardencompose
    Voir sur GitHub↗8,457
Préc.123…4Suivant
  1. Home
  2. Security & Cryptography
  3. Two-Factor Authentication

Explorer les sous-tags

  • 2FA Appending DetectionIdentification of sites that require TOTP codes to be appended to the password string. **Distinct from Two-Factor Authentication:** Focuses on detecting a specific input behavior (appending) rather than generating 2FA tokens.
  • Administrative ResetsCapabilities for administrators to reset or disable two-factor authentication for users who have lost access to their authenticator device. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: covers the administrative recovery/reset workflow, not the generation or verification of TOTP codes.
  • Authentication Disabling4 sous-tagsAdministrative controls for revoking secondary verification requirements. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on the disabling/revocation of the feature rather than its implementation.
  • Backup Code Verifications1 sous-tagAccepting backup codes through platform-specific two-factor flows when the account uses a newer verification system. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on backup code verification within platform-specific 2FA flows, not on TOTP/HOTP code generation.
  • Bloks Two-Factor HandlersAutomatically detects and retries login through Instagram's newer CAA/Bloks two-factor verification when legacy endpoints fail. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on Instagram's proprietary Bloks/CAA flow rather than standard TOTP/HOTP code generation.
  • EnforcementsMandate that all password users set up a time-based one-time password before logging in. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on mandatory enrollment rather than optional code generation.
  • Hardware Token EnablersTools that add a second layer of security by requiring a hardware token like a YubiKey for login. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on enabling hardware token-based 2FA, not general TOTP/HOTP code generation.
  • MFA InterceptionCapturing real-time one-time passwords (OTP) to bypass multi-factor authentication protections. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication by focusing on the theft of the token rather than the generation or management of it.
  • Mandatory MFA Enforcement1 sous-tagPolicies that force users to enable secondary authentication factors to access sensitive data. **Distinct from Two-Factor Authentication:** Focuses on the administrative requirement/mandate of MFA rather than the generation of tokens.
  • MiddlewareMiddleware that checks a session flag after login and redirects to a verification form if two-factor authentication is not completed. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on the middleware enforcement layer rather than token generation or management.
  • Platform-Specific Two-Factor FlowsHandling platform-specific two-factor verification flows, such as Instagram's CAA/Bloks system, when legacy endpoints fail. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on handling platform-specific 2FA flows (e.g., Bloks) rather than generic TOTP/HOTP code generation.
  • Recovery Code GeneratorsProduces a set of one-use codes that bypass two-factor authentication when the primary method is unavailable. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: specifically generates backup recovery codes, not TOTP/HOTP codes for primary 2FA.
  • Seed Import UtilitiesUtilities specifically for transferring security account data from external authenticator apps. **Distinct from Two-Factor Authentication:** Distinct from general 2FA: focuses exclusively on the import utility for existing seeds.
  • Seed MigrationsProcesses for transferring authentication secrets from external applications into a new manager. **Distinct from Two-Factor Authentication:** Distinct from general 2FA management: focuses specifically on the migration/import process of seeds.
  • Session Management1 sous-tagHandling of authentication tokens, cookie persistence, and multi-factor authentication to maintain active sessions. **Distinct from Two-Factor Authentication:** Focuses on the maintenance and persistence of authenticated sessions rather than just generating 2FA tokens.
  • TOTP EnablersActivates time-based one-time password authentication and returns backup codes for account recovery. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses specifically on enabling TOTP-based two-factor authentication rather than general two-factor authentication management.
  • TOTP EnforcersRequires time-based one-time passwords from authenticator apps after primary login to enforce second-factor verification. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: specifically enforces TOTP-based 2FA as a mandatory step, not just code generation.
  • TOTP Seed GeneratorsGenerates secret keys that can be scanned into an authenticator app for two-factor authentication setup. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses specifically on generating TOTP seeds for setup rather than general two-factor authentication management.
  • Token ManagementStorage and generation of security codes for multiple authentication accounts. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on the management and storage of tokens rather than the authentication protocol itself.
  • Token MigrationsProcesses for transferring authentication secrets between different MFA applications. **Distinct from Two-Factor Authentication:** Specifically covers the movement of tokens between apps, not general token generation.
  • Troubleshooting GuidesDocumentation and procedures for diagnosing and resolving issues with two-factor authentication prompts. **Distinct from Two-Factor Authentication:** Distinct from Two-Factor Authentication: focuses on troubleshooting unexpected prompts, not the generation or management of authentication tokens.
  • Wearable IntegrationsIntegration of two-factor authentication codes into wearable device interfaces. **Distinct from Two-Factor Authentication:** Distinct from general 2FA: focuses specifically on the integration and display on a smartwatch.