PHPackages                             moh4mmad/php-otp-without-database - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. moh4mmad/php-otp-without-database

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

moh4mmad/php-otp-without-database
=================================

OTP verification using cryptography without database

1.0.0(6y ago)15232MITPHP

Since Oct 15Pushed 5y ago3 watchersCompare

[ Source](https://github.com/moh4mmad/php-otp-without-database)[ Packagist](https://packagist.org/packages/moh4mmad/php-otp-without-database)[ RSS](/packages/moh4mmad-php-otp-without-database/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (1)DependenciesVersions (2)Used By (0)

PHP OTP Without Database
========================

[](#php-otp-without-database)

What is it?
-----------

[](#what-is-it)

This is a simple script written in php to verify One Time Password **(OTP)** without any database. You can read the [blog post here](https://blog.anam.co/otp-verification-without-using-a-database/) to understand the technique and motivation.

How to install
--------------

[](#how-to-install)

```
git clone https://github.com/moh4mmad/php-otp-without-database.git

```

or

```
composer require moh4mmad/php-otp-without-database

```

Usage
-----

[](#usage)

You need additional tool to send SMS. This module only takes care of the verification part.

Verification process
--------------------

[](#verification-process)

OTP verification is done in the following steps:

- A hash is created with the phone number/email address and then sent to the user.
- The user also receives the OTP via SMS, email or any other method.
- The user sends back the hash, OTP and phone/email used in the first request.
- The server verifies the information and returns true if they match.

Generating OTP Hash
-------------------

[](#generating-otp-hash)

```
$otp = new Sakib\OTP;
$email = "test@abc.com";
$code = $otp->generateRandomString(6);
$hash = $otp->CreateOTP($email, $code);

```

You can then send this hash to the user as response.

```
CreateOTP($email, $otp, $key = "verysecret", $min = 5, $algo = "sha256");

```

Verifying OTP hash
------------------

[](#verifying-otp-hash)

The user should get the hash from the HTTP request and should get the real OTP via SMS or email. Then when the user sends back the information, they can be verified with the following code:

```
VerifyTOP($email, $otp, $hash, $key="verysecret", $algo = "sha256");

```

This method returns a Boolean. If the verification is successful, it will return true.

Issues
------

[](#issues)

If you come across any issues please report them [here](https://github.com/moh4mmad/php-otp-without-database/issues)

###  Health Score

29

—

LowBetter than 57% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity16

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity58

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 80% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

2450d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/412bed703674ba1174a3667a730e3b03bdc6012005e2643bf5f73da89c287c9b?d=identicon)[moh4mmad](/maintainers/moh4mmad)

---

Top Contributors

[![moh4mmad](https://avatars.githubusercontent.com/u/28807439?v=4)](https://github.com/moh4mmad "moh4mmad (28 commits)")[![arifulhb](https://avatars.githubusercontent.com/u/1863616?v=4)](https://github.com/arifulhb "arifulhb (7 commits)")

### Embed Badge

![Health badge](/badges/moh4mmad-php-otp-without-database/health.svg)

```
[![Health](https://phpackages.com/badges/moh4mmad-php-otp-without-database/health.svg)](https://phpackages.com/packages/moh4mmad-php-otp-without-database)
```

###  Alternatives

[kartik-v/yii2-password

Useful password strength validation utilities for Yii Framework 2.0

761.2M17](/packages/kartik-v-yii2-password)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
