2FAuth

Project Overview

2FAuth is a self-hosted web app designed to manage your Two-Factor Authentication (2FA) accounts and generate security codes. This project provides a secure platform for personal use, allowing you to create a user account and authenticate yourself to access the app. 2FAuth supports modern authentication methods, including security keys like Yubikeys or Titan keys, and offers additional security mechanisms such as data encryption, auto logout, and compliance with RFC standards.

Main Features

• Security: 2FAuth provides several security mechanisms to protect your 2FA data, including single user app access, modern authentication, data encryption (optional), and auto logout.
• Modern Authentication: Sign in using a security key like a Yubikey or Titan key and disable the traditional login form.
• Data Encryption: Sensitive data stored in the database can be encrypted to protect it against potential database compromises. However, this feature is disabled by default, and it's strongly recommended to backup your APP_KEY value when encryption is enabled.
• Auto Logout: 2FAuth automatically logs you out after an inactivity period to prevent long-lived sessions. The auto logout can be deactivated or triggered when a security code is copied.
• RFC Compliance: 2FAuth generates OTPs according to RFC 4226 (HOTP Algorithm) and RFC 6238 (TOTP Algorithm) using the Spomky-Labs/OTPHP PHP library.
• Requirements: See Laravel server requirements for compatibility with any database supported by Laravel.
• Installation Guides: Choose from self-hosted server, Docker (CLI), Docker (Compose), or Heroku installation options.
• Upgrading: Follow the upgrade guide to ensure a smooth transition to newer versions.
• Migration: Import 2FA accounts from formats like 2FAuth (JSON), Google Auth (QR code), Aegis Auth (JSON, plain text), and 2FAS Auth (JSON) using the import guide.