75 repository-uri
Tools for generating and managing time-based or counter-based authentication tokens.
Distinguishing note: Focuses on the generation of TOTP/HOTP codes for account security.
Explore 75 awesome GitHub repositories matching security & cryptography · Two-Factor Authentication. Refine with filters or upvote what's useful.
Acest proiect este un director curatoriat de comunitate cu software open-source conceput pentru implementarea în medii de server private și laboratoare de acasă (home labs). Servește drept resursă cuprinzătoare pentru descoperirea alternativelor independente, auto-găzduite, la serviciile cloud mainstream, permițând utilizatorilor să mențină proprietatea deplină a datelor și controlul asupra infrastructurii lor digitale. Directorul este structurat printr-o taxonomie ierarhică ce organizează o colecție vastă de aplicații în categorii logice, variind de la gestionarea media și analiza datelor la comunicare privată și instrumente de productivitate în echipă. Se distinge printr-un proces colaborativ de peer-review, unde membrii comunității validează calitatea și relevanța fiecărei trimiteri pentru a se asigura că directorul rămâne precis și fiabil. Proiectul acoperă o suprafață largă de capabilități, inclusiv automatizarea infrastructurii, implementarea serviciilor bazate pe containere și gestionarea configurației declarative. Aceste instrumente ajută utilizatorii să mențină medii de server reproductibile și să gestioneze dependențele complexe ale serviciilor pe hardware privat. Directorul este menținut ca un repository controlat prin versiuni, asigurându-se că toate actualizările și modificările conduse de comunitate sunt urmărite și transparente.
Stores and generates security tokens for two-factor authentication accounts to secure user logins.
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
Allows for the disabling of two-factor authentication requirements for specific user accounts.
This project is a Node.js web application boilerplate designed to accelerate development by providing a pre-configured foundation with integrated routing, templating, and developer tooling. It serves as a comprehensive starter kit that includes a full-stack authentication system, a payment integration starter, and an LLM agent framework. The framework distinguishes itself with specialized tools for AI development, including a retrieval-augmented generation implementation kit with vector search and semantic caching. It enables the creation of reasoning agents featuring tool-calling loops and r
Secures user accounts by requiring second-factor verification via email codes or authenticator apps.
Ente is a privacy-focused platform for end-to-end encrypted storage and two-factor authentication management. It functions as a zero-knowledge identity provider, ensuring that all cryptographic operations, key derivation, and data encryption occur locally on the user's device. By maintaining this architecture, the service provider remains unable to access or decrypt any stored personal information or authentication credentials. The platform distinguishes itself through a combination of on-device intelligence and resilient data distribution. It utilizes a local machine learning engine to perfo
Creates two-factor authentication codes with support for end-to-end encrypted cloud backups.
Firefly III is a self-hosted personal finance management system built on a double-entry bookkeeping engine. It provides a comprehensive platform for tracking income, expenses, and account balances while maintaining financial integrity through structured accounting principles. Designed for private use, the system supports multi-user access, allowing independent financial administrations to coexist within a single installation. The platform distinguishes itself through extensive automation and integration capabilities. It features a robust REST JSON API and webhook system that enables programma
Requires an additional verification code from an authenticator app during login to protect user accounts against unauthorized access.
Trojan is a censorship circumvention tool and TLS proxy server designed to bypass network restrictions by imitating legitimate web services. It functions as a TLS traffic obfuscator that masks proxy activity by mimicking the handshake and data flow of standard HTTPS requests. The system disguises network traffic as common web browsing to avoid deep packet inspection. It achieves this by wrapping TCP and UDP data within TLS encryption and forwarding unauthenticated or unauthorized requests to a legitimate destination website to hide the proxy's purpose. The project provides a tunnel that conv
The service responds to plain HTTP requests with a specific file to mimic a legitimate web server.
Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru
Protects administrative access by requiring time-based one-time passwords from external authenticator applications.
Diaspora is a federated social networking platform that allows users to run and manage self-hosted community servers, known as pods. It operates as a distributed network where independent server nodes exchange content and users using open protocols and standardized communication schemas. The platform is distinguished by its focus on decentralized identity management and privacy-preserving communication. It includes a privacy-focused media proxy that routes external assets through a local server to protect user identity and supports cross-instance account migration, allowing users to move thei
Secures user accounts by requiring time-based one-time passwords during the sign-in process.
Nightingale is a Prometheus-compatible monitoring and alerting platform designed to centralize telemetry management across multiple time-series databases. It functions as a multi-source alerting engine and metric data pipeline that ingests telemetry via remote write protocols and triggers alarms based on data from sources such as Prometheus, Elasticsearch, Loki, and ClickHouse. The system is distinguished by its automated alert healing system, which executes predefined scripts and RPC-based corrective actions when monitoring thresholds are breached. It supports distributed alert processing, a
Handles authentication and session persistence using JSON Web Tokens with configurable expiration times.
KeeWeb is a web-based password manager and vault that allows users to open and edit encrypted databases through a browser interface. It functions as a cross-platform tool for managing password vaults using the KeePass database format. The application provides a self-hosted password vault that can be deployed as a single HTML file or via Docker. It integrates with remote storage providers using OAuth to synchronize encrypted database files across multiple devices. The system includes capabilities for secure credential generation, two-factor authentication management through time-based one-tim
Generates time-based one-time passwords (TOTP) to provide an extra layer of account security.
Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur
Generates time-based and counter-based security codes to verify user identity across online services.
Spectrum is an open-source community platform designed for developer teams to host real-time threaded discussions, share code, and collaborate around GitHub projects. It provides a complete environment for creating and managing online communities with organized channels, member roles, and content moderation tools that keep conversations civil and on-topic. The platform integrates directly with GitHub, enabling users to authenticate through GitHub OAuth, search across code repositories and projects, and connect discussions to repository activity. Spectrum offers role-based team permission mana
Requires a second verification step beyond a password to confirm user identity during login.
Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for
Enforces two-factor authentication using time-based one-time passwords from authenticator apps.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Disables the Antimalware Scan Interface using techniques like module unloading or DLL hijacking.
Kanboard este un instrument de management de proiect Kanban auto-găzduit și o suită de productivitate concepută pentru urmărirea sarcinilor software și colaborarea în echipă. Oferă un sistem vizual pentru gestionarea fluxurilor de lucru prin utilizarea panourilor, coloanelor și cardurilor. Proiectul dispune de un framework de plugin-uri extensibil și un API cuprinzător pentru administrarea programatică a sarcinilor și proiectelor. Include gestionarea specializată a identității prin integrarea LDAP, permițând sincronizarea conturilor de utilizator și a permisiunilor de grup de la serverele de directoare. Sistemul acoperă o gamă largă de capabilități, inclusiv automatizarea fluxului de lucru bazată pe evenimente, analize detaliate ale proiectului, cum ar fi diagramele burn-down și măsurarea timpului de ciclu, și control granular al accesului bazat pe roluri. De asemenea, suportă urmărirea integrată a timpului, descompunerea sarcinilor secundare și autentificarea multi-metodă, inclusiv autentificarea cu doi factori și suportul pentru proxy invers. Aplicația este compatibilă cu MySQL și PostgreSQL pentru stocarea persistentă a datelor și poate fi implementată folosind Docker Compose.
Implements time-based one-time passwords to add a secondary security layer after primary login.
This project is a curated directory and catalog of privacy-respecting software and security-focused services. It serves as a structured resource for finding alternatives to corporate services, focusing on tools that prioritize data sovereignty, end-to-end encryption, and user anonymity. The directory is maintained as a markdown-based resource list and rendered via a static site generator. It further extends its utility through a CORS-enabled public API and a JSON-based data schema, allowing the curated catalog of tools and providers to be retrieved programmatically. The collection covers a w
Lists tools for generating and managing time-based or counter-based authentication tokens.
Home Assistant is a local home automation platform and server that acts as an IoT device orchestrator. It integrates diverse smart home hardware by wrapping third-party APIs into a standardized logic layer and stores all system state and historical statistics on local hardware to eliminate cloud dependencies. The system functions as a Matter IoT controller and an MQTT home automation bridge, allowing for local interoperability between different manufacturers. It features a state-based entity model and an internal event bus that decouple physical device logic from system automation. The platf
Home Assistant requires a time-synchronized six-digit code from a mobile app to verify a user during login.
This project provides a complete OpenVPN server deployment packaged as a Docker container, with an integrated EasyRSA certificate authority for automated public-key infrastructure management. It handles the full lifecycle of a VPN server, from initial PKI bootstrap and server configuration generation to client certificate issuance and revocation, all within a containerized environment. The server is configured entirely through Docker environment variables, eliminating the need for manual configuration file editing. It supports time-based one-time password (TOTP) authentication as a second fac
Enforces time-based one-time passwords from authenticator apps as a second factor for OpenVPN client logins.
Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.
Enforces multi-factor authentication and single sign-on requirements to ensure secure identity verification.
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
Generates time-based one-time passwords directly within the vault for integrated two-factor authentication.