30 open-source projects similar to authenticator-extension/authenticator, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Authenticator alternative.
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
This is a two-factor authentication library and open-source multi-factor authentication implementation. It provides a suite of tools for implementing security workflows that require a second layer of verification beyond standard credentials. The project implements both time-based one-time passwords and HMAC-based one-time passwords. It includes utilities for generating these codes based on shared secrets and counters, following industry standards such as RFC 6238. The library covers cryptographic primitives including Base32 secret key encoding, dynamic truncation extraction, and symmetric ke
Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur
This project is a two-factor authentication manager that generates time-based and counter-based one-time passwords to secure online accounts. It functions as an encrypted credential manager for storing authentication seeds and producing security codes on mobile and wearable devices. The application includes a dedicated Android Wear OS client that synchronizes authentication data and UI states to allow security codes to be viewed directly from a smartwatch. The system supports the import and migration of authentication seeds from other applications and provides encrypted backup capabilities t
AuthenticatorPro is an open-source security application for Android designed to manage two-factor authentication. It functions as a client for generating time-based and counter-based one-time passwords to secure user accounts. The project distinguishes itself through Wear OS integration, which allows authentication codes to be synchronized from a mobile device to a companion wearable. It also includes a system for importing credentials from external services and using the device camera to scan QR codes for account configuration. The application provides a suite of security and organization c
InvenTree is an open-source inventory management platform built on Django, designed for tracking parts, stock levels, and supply chain operations through a web interface and REST API. The system uses barcodes—including QR codes, 1D barcodes, and Data Matrix codes—as primary identifiers for scanning, linking, and triggering inventory actions, and extends core functionality through a Python plugin framework supporting custom actions, UI panels, barcode handlers, and scheduled tasks. The platform distinguishes itself through a comprehensive plugin-based extensibility system that allows custom in
Authboss is a modular authentication framework designed to manage user identity and account orchestration. It provides a comprehensive system for handling user registration, email verification, and the full lifecycle of user profiles. The framework distinguishes itself through a focused suite of security and identity tools, including multi-factor authentication via time-based passwords and SMS, and identity integration with external providers using OAuth1 and OAuth2 protocols. It also includes a dedicated account security manager that implements brute-force protection through credential-based
This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and aut
Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password security. It provides a system of identity access middleware to control route access and synchronize user identity across requests via standard web protocols. The framework is distinguished by a pluggable architecture that allows for the registration of independent modules to extend identity logic. It utilizes a hook-based event system to execute custom business logic during authentication state changes and employs a selector-verifier token pattern to protect against timing attacks
Databasus is a self-hosted backup platform that automates PostgreSQL backups, verifies their restorability, and stores them across multiple destinations while managing team access with role-based permissions. It combines on-the-fly AES-256-GCM encryption, cron-driven scheduling, job-queue-based verification, multi-destination storage, WAL streaming, throwaway container restore testing, and workspace-based role access control into a unified backup system. The platform distinguishes itself through automatic backup verification that restores each backup into a temporary database container for in
Octelium is a zero-trust network access platform and identity-aware proxy designed to secure private HTTP, SSH, and SQL resources. It functions as a secure gateway that validates human and workload identities using OIDC, SAML, and FIDO2 passkeys before granting access to internal applications and SaaS APIs. The system is distinguished by its secretless access broker, which injects credentials—such as API keys, passwords, and AWS Sigv4 signatures—at the gateway level so users can access databases and cloud resources without managing secrets. It further specializes in AI gateway administration,
Azure Docs is the official technical documentation repository for Microsoft Azure, the cloud computing platform. It provides comprehensive guidance on the full spectrum of Azure services, covering everything from core infrastructure components like virtual machines, Kubernetes clusters, and serverless computing to platform services for AI, machine learning, data analytics, and storage. The documentation details how to provision, manage, and govern cloud resources at scale, including policy enforcement, identity management, and cost optimization. The documentation distinguishes Azure through i
MacPass is a native macOS password manager and encrypted database client designed to manage credentials using the KeePass standard. It serves as a secure credential vault for storing usernames and passwords within a hierarchical structure. The application integrates a TOTP authenticator to generate time-based and hash-based one-time passwords for multi-factor authentication. It utilizes a KeePass-compatible database engine to ensure data portability and supports keyfile-based authentication to increase decryption entropy. The project covers broader capabilities including automated credential
gocryptfs is a FUSE-based encrypted filesystem that transparently encrypts and decrypts file contents and filenames on disk. It uses block-level authenticated encryption with AES-GCM or AES-SIV-512, binding each block to its file header and offset for integrity, while obfuscating filenames with EME or AES-SIV wide-block ciphers using per-directory initialization vectors. The system derives all encryption keys and initialization vectors deterministically from a master key using HKDF and SHA256, enabling reproducible ciphertext for reliable backup and synchronization workflows. The project dist
《Chrome插件开发全攻略》配套完整Demo,欢迎clone体验
This project is a Kubernetes operator designed for deploying and managing production PostgreSQL database clusters using declarative configurations. It functions as a controller that synchronizes the actual state of database clusters with a desired state, providing a system for high availability orchestration, automated backup and recovery, and containerized database administration. The operator distinguishes itself through a comprehensive data protection suite that supports point-in-time recovery, multi-mode backups to cloud object storage, and cluster cloning. It ensures continuous availabil
gopass is a terminal-based password manager and GPG secret store used for generating, storing, and retrieving encrypted credentials. It functions as a collaborative secret manager that encrypts data using GPG or age and synchronizes it across devices and teams using Git. The system distinguishes itself by treating version control repositories as the primary storage backend, enabling secure secret sharing and version history for credentials. It utilizes a hierarchical directory structure to organize secrets on the filesystem and supports multi-store mounting to combine multiple independent rep
This project is a comprehensive zero-knowledge security suite designed for enterprise credential management, secrets orchestration, and password management. It provides a secure, end-to-end encrypted vault that allows users to store, synchronize, and manage sensitive information, including passwords, passkeys, and infrastructure secrets, across desktop, mobile, and browser environments. The platform distinguishes itself through a strict zero-knowledge architecture where all encryption and decryption occur locally on the client, ensuring that plaintext data remains inaccessible to the server.
TheHive is a security incident response platform and multi-tenant case management system. It functions as a Security Orchestration, Automation, and Response (SOAR) tool and a threat intelligence platform designed to coordinate security investigations by managing alerts, cases, and observables. The platform is distinguished by its multi-tenant architecture, which isolates data across different organizations while supporting selective cross-tenant sharing. It features a SOAR automation engine capable of executing sandboxed JavaScript logic to automate workflows and trigger response actions thro
GAM is a command-line tool for administering Google Workspace and Cloud Identity. It translates command-line arguments into structured API calls, enabling administrators to manage users, groups, organizational units, and domain settings across a Google Workspace environment. The tool handles authentication through OAuth2 flows, service accounts, and workload identity federation, and supports multi-tenant configurations for managing multiple domains or cloud projects from a single installation. GAM distinguishes itself through its batch processing and automation capabilities. It can process la
Molly is a privacy-focused Android messenger and a client for the Matrix open standard. It functions as a decentralized, end-to-end encrypted communication tool that allows users to interact across federated networks without a central authority. The application implements several security-centric features, including binary integrity verification to ensure the authenticity of the installed build and RAM-overwrite memory sanitization to prevent sensitive data leakage. It provides local database encryption secured by user-defined passphrases and supports routing network traffic through proxies o
Screenity is a browser-based screen recorder designed to capture screen activity and audio directly within a web browser. It functions as a privacy-focused capture tool that handles data locally and includes a web-based video editor for basic media refinement. The project distinguishes itself through real-time screen annotation tools, allowing users to draw shapes and arrows or zoom into specific areas during a recording. It also provides specialized privacy controls to blur sensitive information and apply backgrounds to camera feeds. The tool covers a broad range of media capabilities, incl
2FAuth is a self-hosted two-factor authentication server and credential vault. It functions as a web-based authenticator app used to organize and generate time-based one-time passwords and other security codes for multiple accounts in a central location. The system distinguishes itself as an API-driven security manager, allowing authentication codes to be integrated into automated workflows and external applications. It also supports shared security credentialing through the use of isolated vaults and shared folders for team collaboration. The project covers a broad range of security and dat
This project is a Pluggable Authentication Module for Linux systems that enforces multi-factor identity verification. It integrates directly into the system authentication stack to require time-based one-time passwords alongside standard user credentials, providing a mechanism to secure local and remote shell access. The module distinguishes itself through its implementation of the time-based one-time password algorithm, which includes built-in support for clock-skew compensation to account for time discrepancies between servers and user devices. It manages individual user secret keys through
Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access. The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports
This project provides a comprehensive, modular framework for auditing and hardening personal digital and physical security. It functions as a structured, platform-agnostic knowledge base that breaks down complex security standards into granular, actionable tasks. By utilizing a static documentation architecture, the project ensures that its guidance remains accessible and transparent, allowing users to track their security posture incrementally through a persistent, manual progress-tracking system. The project distinguishes itself by bridging the gap between digital cybersecurity and physical
SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio
This project is a collection of reusable React hooks designed to wrap browser APIs, manage state persistence, and handle DOM observation. It provides a consistent interface for integrating native browser capabilities directly into the React component lifecycle. The library includes specialized toolkits for monitoring the browser environment, such as window resizing, network connectivity, and viewport visibility. It also provides mechanisms for managing execution timing through debouncing, throttling, and the control of timeouts and intervals. Additional capabilities cover state management wi
Easy-peasy is a React state management library and typed framework that provides a centralized store for managing global application state. It functions as an immutable state store and an async state orchestrator, ensuring end-to-end type safety for state definitions, actions, and derived values. The library distinguishes itself by converting direct mutation syntax into immutable updates to simplify the management of nested data. It includes a mechanism for persisting the state tree to storage and rehydrating it during the application boot process, with the ability to suspend the user interfa
Moto is a cloud service mockery framework and API mock server that simulates AWS infrastructure locally. It allows developers to test cloud-dependent code and verify infrastructure-as-code templates without deploying real resources or incurring costs. The project functions as an SDK interceptor that can patch existing service clients to redirect requests to a local mock environment. It can also be run as a standalone HTTP server, enabling any programming language to interact with the simulated endpoints. The framework covers a vast array of simulated capabilities, including data storage, com