PHPackages allanbarcelos/roundcube\_2fa - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. allanbarcelos/roundcube\_2fa ActiveRoundcube-plugin[Authentication & Authorization](/categories/authentication) allanbarcelos/roundcube\_2fa ============================ Two-factor authentication (2FA/TOTP) plugin for Roundcube, compatible with Google Authenticator, Microsoft Authenticator and other TOTP apps. 01PHPCI passing Since May 11Pushed 4w agoCompare [ Source](https://github.com/allanbarcelos/roundcube-2fa)[ Packagist](https://packagist.org/packages/allanbarcelos/roundcube_2fa)[ RSS](/packages/allanbarcelos-roundcube-2fa/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependenciesVersions (1)Used By (0) Roundcube 2FA ============= [](#roundcube-2fa) [![PHP](https://camo.githubusercontent.com/77f8db69577a1ced325cd18ce2eee083fea81d8a028415162bbb8e40d7a11431/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d253345253344372e342d383839324246)](https://camo.githubusercontent.com/77f8db69577a1ced325cd18ce2eee083fea81d8a028415162bbb8e40d7a11431/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d253345253344372e342d383839324246)[![Roundcube](https://camo.githubusercontent.com/6a7c2624fb76808bd9c91722ebd8353f9923c02d428aae8468a8be56eba1e534/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f526f756e64637562652d253345253344312e352d627269676874677265656e)](https://camo.githubusercontent.com/6a7c2624fb76808bd9c91722ebd8353f9923c02d428aae8468a8be56eba1e534/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f526f756e64637562652d253345253344312e352d627269676874677265656e)[![License](https://camo.githubusercontent.com/b8cadaa967891081f8f165695470689986c028821dd8a040132f6e661795dc0d/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c7565)](https://camo.githubusercontent.com/b8cadaa967891081f8f165695470689986c028821dd8a040132f6e661795dc0d/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c7565) A two-factor authentication (2FA) plugin for [Roundcube](https://roundcube.net/) webmail using Time-based One-Time Passwords (TOTP). Compatible with Google Authenticator, Microsoft Authenticator, Authy, and any RFC 6238-compliant app. --- Table of Contents ----------------- [](#table-of-contents) - [Features](#features) - [Requirements](#requirements) - [Installation](#installation) - [Database Setup](#database-setup) - [Configuration](#configuration) - [Usage](#usage) - [Security](#security) - [Troubleshooting](#troubleshooting) - [Contributing](#contributing) - [License](#license) --- Features -------- [](#features) - TOTP-based 2FA setup per user via QR code - Backup codes for account recovery (6 single-use codes, cryptographically generated) - Optional server-side enforcement for all users - CSRF protection on all sensitive actions - Automatic database table creation on first use - Full support for MySQL/MariaDB, PostgreSQL, and SQLite - Respects Roundcube table prefix configuration --- Requirements ------------ [](#requirements) DependencyVersionPHP>= 7.4Roundcube>= 1.5endroid/qr-code^4.0spomky-labs/otphp^11.0--- Installation ------------ [](#installation) ### Option A — Composer (recommended) [](#option-a--composer-recommended) Run the following command from your **Roundcube root directory**: ``` composer require allanbarcelos/roundcube_2fa ``` Composer will download the plugin into `plugins/roundcube_2fa/` and merge all dependencies into the main `vendor/` directory automatically. ### Option B — Manual [](#option-b--manual) ``` cd /path/to/roundcube/plugins git clone https://github.com/allanbarcelos/roundcube-2fa roundcube_2fa cd roundcube_2fa composer install --no-dev --optimize-autoloader ``` > The target directory **must** be named `roundcube_2fa` (with underscore). Roundcube uses the directory name to locate the plugin class. ### Enable the plugin [](#enable-the-plugin) Add `roundcube_2fa` to the plugins list in `config/config.inc.php`: ``` $config['plugins'] = ['roundcube_2fa']; ``` That's it. The plugin activates on next page load and creates its database table automatically on first use. --- Database Setup -------------- [](#database-setup) The plugin **automatically creates** its own `roundcube_2fa` table on first use — no manual step required for standard installations. ### Manual setup [](#manual-setup) If you prefer to create the table yourself, or if your database user lacks `CREATE TABLE` privileges, run the file that matches your database engine from the `SQL/` directory: ``` # MySQL / MariaDB mysql -u -p