PHPackages                             habil/googleauthenticator - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. habil/googleauthenticator

ActiveLibrary[Authentication & Authorization](/categories/authentication)

habil/googleauthenticator
=========================

Google Authenticator 2-factor authentication from repo phpgangsta/googleauthenticator

v1.0.3(7y ago)013BSD-4-ClausePHPPHP >=5.3

Since Sep 4Pushed 7y ago1 watchersCompare

[ Source](https://github.com/amirkhiz/GoogleAuthenticator)[ Packagist](https://packagist.org/packages/habil/googleauthenticator)[ RSS](/packages/habil-googleauthenticator/feed)WikiDiscussions master Synced 3d ago

READMEChangelog (2)DependenciesVersions (3)Used By (0)

Google Authenticator PHP class
==============================

[](#google-authenticator-php-class)

- Copyright (c) 2012-2016,
- Author: Michael Kliewe, [@PHPGangsta](http://twitter.com/PHPGangsta) and [contributors](https://github.com/PHPGangsta/GoogleAuthenticator/graphs/contributors)
- Licensed under the BSD License.

[![Build Status](https://camo.githubusercontent.com/befdec2485d1872f270dabed2855dbbb730e6f138ea3875e2a08f5407c3ddf04/68747470733a2f2f7472617669732d63692e6f72672f50485047616e677374612f476f6f676c6541757468656e74696361746f722e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/PHPGangsta/GoogleAuthenticator)

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to [RFC6238](https://tools.ietf.org/html/rfc6238)

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:
------

[](#usage)

See following example:

```