PHPackages                             dododedodonl/laravel-2fa - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. dododedodonl/laravel-2fa

AbandonedArchivedLibrary[Authentication &amp; Authorization](/categories/authentication)

dododedodonl/laravel-2fa
========================

Simple way to add two-factor authentication to your laravel application with minimal setup required.

0.12(2y ago)44903MITPHPPHP ^7.2.5|^7.3|^7.4|^8.0

Since Dec 14Pushed 2y agoCompare

[ Source](https://github.com/dododedodonl/laravel-2fa)[ Packagist](https://packagist.org/packages/dododedodonl/laravel-2fa)[ Docs](https://github.com/dododedodonl/laravel-2fa)[ RSS](/packages/dododedodonl-laravel-2fa/feed)WikiDiscussions master Synced today

READMEChangelog (10)Dependencies (3)Versions (14)Used By (0)

laravel-2fa
===========

[](#laravel-2fa)

[![Latest Version on Packagist](https://camo.githubusercontent.com/233fdcf493a72c51d4555ec8a2892e06c8f34283cf642d9ae44f2e3d06d51cbf/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f646f646f6465646f646f6e6c2f6c61726176656c2d3266612e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/dododedodonl/laravel-2fa)[![Total Downloads](https://camo.githubusercontent.com/9f37a433880817c5fd3a83d8782bb26a3f974d68fa59fde68b4ab14a0582ac4c/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f646f646f6465646f646f6e6c2f6c61726176656c2d3266612e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/dododedodonl/laravel-2fa)

Installation
------------

[](#installation)

### Step 1

[](#step-1)

Install using composer

```
composer require dododedodonl/laravel-2fa
```

### Step 2

[](#step-2)

Publish migration and run it. Change the migration if it does not fit your database schema.

```
php artisan vendor:publish --tag "laravel-2fa.migrations"
php artisan migrate
```

### Step 3

[](#step-3)

Either configure web-based secret setup (by enabling the `php-imagick` extension), or make an error message visible when a user has no secret set manually using artisan.

#### Error on login

[](#error-on-login)

Edit your login form page, and add this somewhere when secret setup via web is disabled to display the correct errors.

```
@error('otp_error')
{{ $message }}
@enderror
```

### Vendor assets

[](#vendor-assets)

Optionally publish config, migration or views

```
# Some
php artisan vendor:publish --tag "laravel-2fa.config"
php artisan vendor:publish --tag "laravel-2fa.migrations"
php artisan vendor:publish --tag "laravel-2fa.views"

# All
php artisan vendor:publish --provider "Dododedodonl\Laravel2fa\TwoFactorAuthenticationServiceProvider"
```

Usage
-----

[](#usage)

### Protect a route

[](#protect-a-route)

A middleware alias is added called `2fa`. You can assign this to individual routes or controllers like all other middleware.

```
Route::get('home', 'HomeController@index')->name('home')->middleware('2fa');
```

#### Disabled by default

[](#disabled-by-default)

The middleware is disabled by default in some cases (for example in local environment). Override this by using `2fa:force` as middleware.

### Globally

[](#globally)

To use it globally, add `\Dododedodonl\Laravel2fa\Http\Middleware\Verify2faAuth` to the `web` group in your `app/Http/kernel.php`. Routes starting with `2fa.` and the route `logout` will still work when logged in. On all other routes the middleware will be applied and a token will be asked.

Secret setup
------------

[](#secret-setup)

### Via web

[](#via-web)

This is disabled by default because it requires `ext-imagick` php extension. Edit `config/laravel-2fa.php` or edit your environment file. Add `OTP_SETUP_ENABLED=true` to your `.env` file to enable.

### Via artisan

[](#via-artisan)

Set a secret for a user: `php artisan 2fa:generate {username}`. Revoke a secret for a user: `php artisan 2fa:revoke {username}`.

Troubleshoot
------------

[](#troubleshoot)

### No token is asked of me

[](#no-token-is-asked-of-me)

By default, the middleware is disabled when the environment is set to local to make testing easier. Use `2fa:force` to force the execution of the middelware.

### I get redirected back to the login page without error

[](#i-get-redirected-back-to-the-login-page-without-error)

When no secret is found in the database, and web-based secret setup is not configured, you are redirected back to the login page, logged out. An error does accompany this, but you need to edit your `login.blade.php` file to show it as suggested in one of the installation steps.

Contributing
------------

[](#contributing)

Please see [contributing.md](contributing.md) for details and a todolist.

Security
--------

[](#security)

If you discover any security related issues, please email  instead of using the issue tracker.

Notes
-----

[](#notes)

This packages assumed you use Bootstrap 4 as css framework. Bootstrap 3 views are also provided, configure them by calling `Dododedodonl\Laravel2fa\TwoFactorAuthentication::useBootstrapThree()`. However, this is not a requirement, you can just change the views to your css framework.

License
-------

[](#license)

MIT. Please see the [license file](license.md) for more information.

###  Health Score

30

—

LowBetter than 62% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity19

Limited adoption so far

Community11

Small or concentrated contributor base

Maturity60

Established project with proven stability

 Bus Factor1

Top contributor holds 67.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~116 days

Recently: every ~201 days

Total

13

Last Release

990d ago

PHP version history (3 changes)0.1PHP &gt;=7.2

0.6PHP ^7.2.5|^7.3|^7.4

0.9PHP ^7.2.5|^7.3|^7.4|^8.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/100052?v=4)[Tom Janssen](/maintainers/dododedodonl)[@dododedodonl](https://github.com/dododedodonl)

---

Top Contributors

[![dododedodonl](https://avatars.githubusercontent.com/u/100052?v=4)](https://github.com/dododedodonl "dododedodonl (29 commits)")[![niekbr](https://avatars.githubusercontent.com/u/10487997?v=4)](https://github.com/niekbr "niekbr (13 commits)")[![MartinTerp](https://avatars.githubusercontent.com/u/1794607?v=4)](https://github.com/MartinTerp "MartinTerp (1 commits)")

---

Tags

laravelotpTwo Factor Authenticationlaravel 2fa

### Embed Badge

![Health badge](/badges/dododedodonl-laravel-2fa/health.svg)

```
[![Health](https://phpackages.com/badges/dododedodonl-laravel-2fa/health.svg)](https://phpackages.com/packages/dododedodonl-laravel-2fa)
```

###  Alternatives

[craftcms/cms

Craft CMS

3.6k3.6M3.0k](/packages/craftcms-cms)[directorytree/ldaprecord-laravel

LDAP Authentication &amp; Management for Laravel.

5752.3M18](/packages/directorytree-ldaprecord-laravel)[stephenjude/filament-two-factor-authentication

Filament Two Factor Authentication: Google 2FA + Passkey Authentication

84215.9k9](/packages/stephenjude-filament-two-factor-authentication)[hasinhayder/tyro-login

Tyro Login - Beautiful, customizable authentication views for Laravel 12 &amp; 13

2464.9k6](/packages/hasinhayder-tyro-login)[linkxtr/laravel-qrcode

A clean, modern, and easy-to-use QR code generator for Laravel

3720.4k](/packages/linkxtr-laravel-qrcode)[fouladgar/laravel-otp

This package provides convenient methods for sending and validating OTP notifications to users for authentication.

21227.6k](/packages/fouladgar-laravel-otp)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
