PHPackages                             jazor/totp-for-php - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. jazor/totp-for-php

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

jazor/totp-for-php
==================

totp/hotp implements for php

v2.1.0(1y ago)111MITPHPPHP ^7.4 || ^8.0

Since Aug 8Pushed 9mo ago1 watchersCompare

[ Source](https://github.com/sometiny/totp-php)[ Packagist](https://packagist.org/packages/jazor/totp-for-php)[ RSS](/packages/jazor-totp-for-php/feed)WikiDiscussions main Synced today

READMEChangelog (6)DependenciesVersions (7)Used By (0)

totp-php
========

[](#totp-php)

RFC: [TOTP: Time-Based One-Time Password Algorithm](https://datatracker.ietf.org/doc/html/rfc6238)

### Uri

[](#uri)

```
$uri = new Uri('otpauth://totp/test_account:your-site.com?secret=Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK&algorithm=sha1&digits=6&period=30');

$secret = $uri->getSecret();

echo 'key = ' . $secret . "\r\n";
// output:
// key = Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK

$uri = new Uri();
$uri->setLabel('test');
$uri->setType('totp'); //default is 'totp'
$uri->setSecret('Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK');

echo 'totp uri = ' . $uri . "\r\n";
// output:
// totp uri = otpauth://totp/test?secret=Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK
```

### 快速调用

[](#快速调用)

默认为30秒步长，6个数字的验证码，使用SHA1算法。

```
//生成
echo TOTP::generate('Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK', time());

//校验
echo TOTP::verify('123456', 'Y5C4TFC5Q6OZHMXS7NOEDO5AYUP5XWMK', time());
```

### 更多测试

[](#更多测试)

```
// Seed for HMAC-SHA1 - 20 bytes
$seed = Base32::decode("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ");
// Seed for HMAC-SHA256 - 32 bytes
$seed32 = Base32::decode("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZA====");
// Seed for HMAC-SHA512 - 64 bytes
$seed64 = Base32::decode("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNA=");
$T0 = 0;
$X = 30;
$testTime = [59, 1111111109, 1111111111, 1234567890, 2000000000, 20000000000];

ini_set('date.timezone', 'UTC');
for ($t = 0; $t < count($testTime); $t++) {
    echo sprintf(
        "time: %s, date: %s, code: %s, alg: SHA1\r\n",
        $testTime[$t],
        date('Y-m-d H:i:s', $testTime[$t]),
        TOTP::compute($seed, $testTime[$t], 'sha1', 8, $X, $T0));

    echo sprintf(
        "time: %s, date: %s, code: %s, alg: SHA256\r\n",
        $testTime[$t],
        date('Y-m-d H:i:s', $testTime[$t]),
        TOTP::compute($seed32, $testTime[$t], 'sha256', 8, $X, $T0));

    echo sprintf(
        "time: %s, date: %s, code: %s, alg: SHA512\r\n",
        $testTime[$t],
        date('Y-m-d H:i:s', $testTime[$t]),
        TOTP::compute($seed64, $testTime[$t], 'sha512', 8, $X, $T0));
}

/* 输出结果：
time: 59, date: 1970-01-01 00:00:59, code: 94287082, alg: SHA1
time: 59, date: 1970-01-01 00:00:59, code: 46119246, alg: SHA256
time: 59, date: 1970-01-01 00:00:59, code: 90693936, alg: SHA512
time: 1111111109, date: 2005-03-18 01:58:29, code: 07081804, alg: SHA1
time: 1111111109, date: 2005-03-18 01:58:29, code: 68084774, alg: SHA256
time: 1111111109, date: 2005-03-18 01:58:29, code: 25091201, alg: SHA512
time: 1111111111, date: 2005-03-18 01:58:31, code: 14050471, alg: SHA1
time: 1111111111, date: 2005-03-18 01:58:31, code: 67062674, alg: SHA256
time: 1111111111, date: 2005-03-18 01:58:31, code: 99943326, alg: SHA512
time: 1234567890, date: 2009-02-13 23:31:30, code: 89005924, alg: SHA1
time: 1234567890, date: 2009-02-13 23:31:30, code: 91819424, alg: SHA256
time: 1234567890, date: 2009-02-13 23:31:30, code: 93441116, alg: SHA512
time: 2000000000, date: 2033-05-18 03:33:20, code: 69279037, alg: SHA1
time: 2000000000, date: 2033-05-18 03:33:20, code: 90698825, alg: SHA256
time: 2000000000, date: 2033-05-18 03:33:20, code: 38618901, alg: SHA512
time: 20000000000, date: 2603-10-11 11:33:20, code: 65353130, alg: SHA1
time: 20000000000, date: 2603-10-11 11:33:20, code: 77737706, alg: SHA256
time: 20000000000, date: 2603-10-11 11:33:20, code: 47863826, alg: SHA512
 */
```

###  Health Score

31

—

LowBetter than 66% of packages

Maintenance47

Moderate activity, may be stable

Popularity7

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity53

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~86 days

Recently: every ~107 days

Total

6

Last Release

630d ago

Major Versions

v1.0.4 → v2.1.02024-10-11

### Community

Maintainers

![](https://www.gravatar.com/avatar/1ec34748cbc115bbc15c9608ec3e6b9d24fd6e8d9f394ac1c27d7a632521132f?d=identicon)[anlige](/maintainers/anlige)

---

Top Contributors

[![sometiny](https://avatars.githubusercontent.com/u/4970260?v=4)](https://github.com/sometiny "sometiny (24 commits)")

---

Tags

hotptotpbase32two-factorauthenticator

### Embed Badge

![Health badge](/badges/jazor-totp-for-php/health.svg)

```
[![Health](https://phpackages.com/badges/jazor-totp-for-php/health.svg)](https://phpackages.com/packages/jazor-totp-for-php)
```

###  Alternatives

[spomky-labs/otphp

A PHP library for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm) and compatible with Google Authenticator

1.5k50.3M168](/packages/spomky-labs-otphp)[chillerlan/php-authenticator

A generator for counter- and time based 2-factor authentication codes (Google Authenticator). PHP 8.2+

58133.8k3](/packages/chillerlan-php-authenticator)[paragonie/multi-factor

Vendor-agnostic two-factor authentication library

142198.6k2](/packages/paragonie-multi-factor)[lfkeitel/phptotp

TOTP/HOTP library for PHP

85476.4k2](/packages/lfkeitel-phptotp)[christian-riesen/otp

One Time Passwords, hotp and totp according to RFC4226 and RFC6238

885.5M6](/packages/christian-riesen-otp)[2amigos/2fa-library

2 Factor Authentication (2FA) library

34391.0k7](/packages/2amigos-2fa-library)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
