# bubka/2fauth

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/bubka-2fauth).**

3,779 stars · 270 forks · PHP · agpl-3.0

## Links

- GitHub: https://github.com/Bubka/2FAuth
- Homepage: https://docs.2fauth.app/
- awesome-repositories: https://awesome-repositories.com/repository/bubka-2fauth.md

## Topics

`2fa` `2factor` `hotp` `otp` `qrcode` `self-hosted` `totp` `two-factor` `two-factor-authentication` `webapp`

## Description

2FAuth is a self-hosted two-factor authentication server and credential vault. It functions as a web-based authenticator app used to organize and generate time-based one-time passwords and other security codes for multiple accounts in a central location.

The system distinguishes itself as an API-driven security manager, allowing authentication codes to be integrated into automated workflows and external applications. It also supports sharing credentials within a team through isolated vaults and shared folders.

The project covers a broad range of security and data management capabilities, including symmetric secret encryption, hardware security integration, and detailed authentication event auditing. It provides utilities for account data migration, relational data persistence, and access attempt monitoring.

Installation options include automated cloud platform deployment and support for custom path hosting.

## Tags

### Security & Cryptography

- [One-Time Passwords](https://awesome-repositories.com/f/security-cryptography/one-time-passwords.md) — Implements the TOTP algorithm to generate short-lived security codes based on shared secrets and system time.
- [Two-Factor Authentication](https://awesome-repositories.com/f/security-cryptography/two-factor-authentication.md) — Organizes and generates time-based one-time passwords and security codes for multiple accounts in a central location. ([source](https://cdn.jsdelivr.net/gh/bubka/2fauth@master/README.md))
- [Self-Hosted Deployments](https://awesome-repositories.com/f/security-cryptography/authentication-services/self-hosted-deployments.md) — Functions as a private, self-hosted server for storing encrypted authentication secrets with custom access controls.
- [Data Protection](https://awesome-repositories.com/f/security-cryptography/data-protection.md) — Secures authentication data using symmetric encryption and maintains access logs for sensitive secrets. ([source](https://docs.2fauth.app/))
- [Team Credential Vaults](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security/credential-sharing/team-credential-vaults.md) — Creates isolated vaults and shared access folders to collaborate on security codes within a team. ([source](https://docs.2fauth.app/))
- [User Identity Verification](https://awesome-repositories.com/f/security-cryptography/identity-authentication/user-identity-verification.md) — Secures the interface using passwords, passkeys, tokens, or external identity providers. ([source](https://docs.2fauth.app/))
- [MFA Account Registration](https://awesome-repositories.com/f/security-cryptography/mfa-account-registration.md) — Adds new authentication accounts using QR scanners, manual entry, or file imports to generate security codes. ([source](https://docs.2fauth.app/))
- [TOTP Vaults](https://awesome-repositories.com/f/security-cryptography/password-management/totp-vaults.md) — Acts as a self-hosted vault for generating and managing time-based one-time passwords.
- [Symmetric Secret Stores](https://awesome-repositories.com/f/security-cryptography/secret-encryption/symmetric-secret-stores.md) — Encrypts authentication secrets at rest using a master key to prevent data exposure from database leaks.
- [Server-Side Encrypted Secret Stores](https://awesome-repositories.com/f/security-cryptography/secret-encryption/symmetric-secret-stores/server-side-encrypted-secret-stores.md) — Encrypts authentication secrets at rest in the database to protect them from unauthorized access. ([source](https://cdn.jsdelivr.net/gh/bubka/2fauth@master/README.md))
- [Self-Hosted Vaults](https://awesome-repositories.com/f/security-cryptography/secret-storage/self-hosted-vaults.md) — Provides a private, user-managed installation for storing encrypted security secrets with shared vault support.
- [Authentication Workflow Automation](https://awesome-repositories.com/f/security-cryptography/authentication-workflow-automation.md) — Enables programmatic management of authentication data to integrate security credentials into external workflows. ([source](https://docs.2fauth.app/))
- [Browser Extension Credential Retrievers](https://awesome-repositories.com/f/security-cryptography/browser-extension-credential-retrievers.md) — Ships a dedicated browser extension for capturing security secrets and generating one-time passwords. ([source](https://docs.2fauth.app/))
- [Brute Force Protections](https://awesome-repositories.com/f/security-cryptography/brute-force-protections.md) — Protects user accounts from brute-force attacks by blocking access after multiple failed login attempts. ([source](https://docs.2fauth.app/getting-started/config/env-vars/))
- [Session Security Integration](https://awesome-repositories.com/f/security-cryptography/hardware-integrated-security-vaults/session-security-integration.md) — Integrates hardware security keys and enforces automatic logout timers to protect inactive sessions. ([source](https://cdn.jsdelivr.net/gh/bubka/2fauth@master/README.md))
- [Credential Sharing](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security/credential-sharing.md) — Enables team collaboration through isolated vaults and shared folders for two-factor authentication codes.
- [MFA Data Imports](https://awesome-repositories.com/f/security-cryptography/mfa-data-imports.md) — Adds security accounts from external applications using QR codes or compatible data files. ([source](https://docs.2fauth.app/getting-started/usage/import/))
- [Personal Access Tokens](https://awesome-repositories.com/f/security-cryptography/personal-access-tokens.md) — Provides personal access tokens to secure programmatic management of security accounts via HTTP headers. ([source](https://docs.2fauth.app/api/))
- [Request Throttling](https://awesome-repositories.com/f/security-cryptography/request-size-limiters/request-limiters/request-throttling.md) — Limits the frequency of login and API requests by tracking IP addresses to prevent brute-force attacks.
- [Credential Data Migrations](https://awesome-repositories.com/f/security-cryptography/saml-authentication/credential-data-migrations.md) — Transfers existing account information from external JSON exports or QR codes into the current system. ([source](https://cdn.jsdelivr.net/gh/bubka/2fauth@master/README.md))
- [Secrets and Credential Management](https://awesome-repositories.com/f/security-cryptography/security/cryptography-and-secrets/secrets-credential-management.md) — Injects sensitive keys and passwords via secure files to prevent exposure in plain-text environment variables. ([source](https://docs.2fauth.app/getting-started/installation/docker/docker-compose/))
- [Inactivity Session Termination](https://awesome-repositories.com/f/security-cryptography/session-management/inactivity-session-termination.md) — Implements automatic session termination based on periods of user inactivity. ([source](https://docs.2fauth.app/getting-started/config/user-preferences/))
- [Token-Based Authentication](https://awesome-repositories.com/f/security-cryptography/token-based-authentication.md) — Validates personal access tokens in HTTP headers to allow programmatic management of authentication codes.

### User Interface & Experience

- [Web-Based Authenticator Interfaces](https://awesome-repositories.com/f/user-interface-experience/web-based-authenticator-interfaces.md) — Provides a browser-accessible interface for retrieving security codes through a web dashboard or extension.

### Development Tools & Productivity

- [Authentication Integration APIs](https://awesome-repositories.com/f/development-tools-productivity/rest-apis/security-automation-apis/authentication-integration-apis.md) — Offers a programmable interface for integrating two-factor authentication data into external applications.

### DevOps & Infrastructure

- [Per-Client Request Throttlers](https://awesome-repositories.com/f/devops-infrastructure/traffic-management/traffic-throttling/per-client-request-throttlers.md) — Prevents API abuse by limiting the number of requests allowed per minute from a single IP address. ([source](https://docs.2fauth.app/getting-started/config/env-vars/))

### Software Engineering & Architecture

- [MFA Account Onboarding](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/programmatic-interfaces/remote-server-registrations/remote-account-registrations/mfa-account-onboarding.md) — Allows automatic registration of two-factor authentication accounts through QR code scanning or file uploads. ([source](https://docs.2fauth.app/getting-started/config/user-preferences/))

### System Administration & Monitoring

- [Security Account Management](https://awesome-repositories.com/f/system-administration-monitoring/account-management-apis/security-account-management.md) — Provides an API to programmatically interact with stored security accounts, groups, and settings. ([source](https://docs.2fauth.app/api/))

### Part of an Awesome List

- [Personal Management](https://awesome-repositories.com/f/awesome-lists/productivity/personal-management.md) — Web application for managing two-factor authentication accounts.
- [Security And Privacy](https://awesome-repositories.com/f/awesome-lists/security/security-and-privacy.md) — Manager for two-factor authentication accounts and codes.
