76 repository-uri
Support for secondary authentication methods to enhance account security.
Distinguishing note: Focuses specifically on MFA implementation.
Explore 76 awesome GitHub repositories matching security & cryptography · Multi-Factor Authentication. Refine with filters or upvote what's useful.
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
Generates recovery credentials to ensure account access if primary multi-factor methods are unavailable.
This project is a web-based platform designed for creating, managing, and sharing professional resumes. It functions as a structured document builder that integrates artificial intelligence to assist with content generation, editing, and analysis. Users can maintain a collection of resumes, customize their visual presentation through various templates, and export them into multiple formats for job applications. The platform distinguishes itself through its autonomous AI agent capabilities, which can perform research, suggest incremental edits, and apply data patches directly to documents. It
Enables secure account access by verifying passwords and authenticator app tokens.
Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It sup
Allows resetting two-factor authentication to regain account access during lockout.
This project is a cross-platform messaging client that implements a secure, real-time communication protocol. It provides a comprehensive development toolkit, including a database library and messaging SDK, which allows for the creation of custom messaging applications that maintain synchronized state across multiple devices. The core architecture relies on an asynchronous event-driven model to ensure responsive performance while managing persistent local database synchronization with server-side state. The client distinguishes itself through a robust end-to-end encryption layer that supports
Telegram secures account access by verifying secondary passwords or updating credentials for protected user accounts.
Filament is a full-stack framework for building administrative panels and management interfaces within the Laravel ecosystem. It provides a declarative, component-based architecture that allows developers to construct complex, data-driven applications using server-side configuration objects rather than manual HTML. By inspecting database model structures and relationships, the framework automates the generation of CRUD interfaces, forms, and data tables, significantly reducing boilerplate code. The project distinguishes itself through a highly modular and extensible design that supports custo
Requires users to configure and verify identity using secondary authentication methods after signing in.
JumpServer is a privileged access management platform designed to manage and audit secure access to SSH, RDP, Kubernetes, and database endpoints. It functions as a centralized gateway that brokers remote terminal and graphical sessions to isolate users from critical infrastructure. The system utilizes a web-based protocol gateway to translate remote connections into browser-compatible streams and a protocol-based proxy layer to isolate end-user devices from target assets. It incorporates security watermarking to deter unauthorized screen captures and provides a Kubernetes access gateway for c
Secures account access by requiring one-time passwords or facial recognition during login.
This project is an enterprise knowledge platform designed for teams to create, manage, and publish structured documentation. Built on a high-performance runtime, it provides a centralized environment where contributors can author content using markdown, HTML, or a visual editor. The system is engineered to handle collaborative workflows, ensuring that technical and non-technical users alike can maintain documentation with consistent rendering and version control. What distinguishes this platform is its focus on secure, scalable, and synchronized content management. It features granular path-b
Protects accounts by requiring an additional layer of security during the login process.
This project is a cross-platform credential management suite designed to store sensitive information in encrypted local databases. It functions as a secure desktop application that provides a unified environment for organizing secrets, generating passwords, and managing multi-factor authentication tokens. By utilizing industry-standard file formats, the application ensures that stored credentials remain secure and interoperable across different operating systems. The software distinguishes itself through deep integration with hardware-backed security and system-level services. It supports phy
Requires physical security keys to unlock databases through challenge-response authentication.
Authelia is a centralized identity and access management server designed to secure web applications through unified authentication and authorization. It functions as an identity authority that enables single sign-on across diverse platforms, allowing users to access multiple services with a single set of credentials. By acting as a standards-compliant provider, it facilitates secure identity propagation and token issuance for client applications. The platform distinguishes itself through its ability to integrate directly with web gateways as a reverse proxy authentication middleware, intercep
Duo / Mobile Push → Second Factor → Time-Based One-Time Password → WebAuthn →
NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
Requires users to provide a second form of verification during login to enhance account security.
DataEase is an open-source, self-hosted business intelligence platform designed for building interactive data visualizations and managing analytical reporting. It provides a centralized environment where users can construct dashboards through a drag-and-drop interface, connecting to diverse data sources including relational databases, data warehouses, and external APIs. The platform distinguishes itself through its focus on embedded analytics and enterprise-grade governance. It allows for the seamless integration of charts, dashboards, and management modules into third-party web applications
Enforces multi-factor authentication for enhanced account security.
Beekeeper Studio is a cross-platform desktop application designed for database management and SQL development. It provides a unified graphical interface to connect to, query, and modify data across a wide range of relational and NoSQL database systems. The application functions as a comprehensive workspace, integrating tools for schema design, record editing, and data visualization. The project distinguishes itself through a focus on secure, flexible connectivity and AI-assisted workflows. It supports advanced authentication methods, including enterprise single sign-on, multi-factor authentic
Enhances account security by requiring multi-factor authentication during database connection.
This project provides a comprehensive, modular framework for auditing and hardening personal digital and physical security. It functions as a structured, platform-agnostic knowledge base that breaks down complex security standards into granular, actionable tasks. By utilizing a static documentation architecture, the project ensures that its guidance remains accessible and transparent, allowing users to track their security posture incrementally through a persistent, manual progress-tracking system. The project distinguishes itself by bridging the gap between digital cybersecurity and physical
Provides structured guidance on enforcing physical hardware tokens for multi-factor authentication to secure user accounts.
This project is a modular, open-source customer relationship management platform built on the Laravel framework. It serves as a comprehensive business application framework designed for tracking sales pipelines, managing business entities, and automating marketing workflows. By providing a self-hosted solution, it enables organizations to maintain full control over their contact data, sales leads, and communication history. The platform distinguishes itself through a highly extensible architecture that allows developers to modify core behavior without altering the underlying source code. It u
Enforces secondary verification steps for administrative accounts to enhance system security.
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Mandates secondary identity verification during login to enhance organizational account security.
WordPress is an open-source content management system and PHP-based application framework designed for building and maintaining websites. It functions as a visual, block-based website builder that allows users to construct layouts and manage digital content without manual code entry. The platform supports a wide range of operational needs, from managing individual sites to administering complex multi-site networks from a single installation. The system is distinguished by its highly extensible, plugin-driven modular architecture, which allows for the integration of third-party modules to add
Protects user accounts by requiring secondary verification methods like time-based codes or email authentication.
Teleport is a zero-trust access platform designed to provide secure, identity-based connectivity to servers, databases, and Kubernetes clusters. It functions as a centralized gateway that replaces static credentials with short-lived, identity-bound cryptographic certificates, effectively eliminating the need for traditional VPNs and long-term secret exposure. The platform distinguishes itself by orchestrating access through a unified control plane that maps external identity provider claims to granular, role-based infrastructure permissions. It enforces security through mutual TLS gateways an
Enforces secondary identity verification requirements for all infrastructure access requests.
Docmost is an open-source knowledge management system designed as a collaborative documentation platform for teams. It functions as an enterprise wiki that centralizes organizational information into structured, searchable workspaces, enabling users to create, organize, and share content through a hierarchical system of spaces and pages. The platform distinguishes itself by integrating artificial intelligence directly into the documentation lifecycle. It utilizes vector-based semantic search to allow for natural language queries across stored content and provides AI-assisted tools for draftin
Protects user accounts by requiring multi-factor authentication for enhanced security.
BookStack is a self-hosted knowledge base platform designed for organizing, storing, and managing structured documentation. It utilizes a hierarchical content model that arranges information into nested trees of books, chapters, and pages, supported by a dedicated search index for rapid retrieval across the entire knowledge base. The platform distinguishes itself through deep integration with enterprise identity providers, allowing organizations to centralize authentication and access control via LDAP, SAML, or OIDC. It provides extensive administrative control over the content lifecycle, inc
Requires additional proof of identity during login, supporting time-based codes or recovery methods for security.
This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and aut
Enforces multi-factor authentication requirements to secure user access to stored credentials and sensitive vault data.