PHPackages nextvikas/laravel-google-authenticator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. nextvikas/laravel-google-authenticator ActiveLibrary[Security](/categories/security) nextvikas/laravel-google-authenticator ====================================== A highly secure, dependency-free package to add Google Two-Factor Authentication (2FA) to Laravel applications. v1.0.0(9mo ago)023MITPHPPHP ^7.4 || ^8.0 || ^8.1 || ^8.2 || ^8.3 Since Aug 7Pushed 9mo ago1 watchersCompare [ Source](https://github.com/nextvikas/laravel-google-authenticator)[ Packagist](https://packagist.org/packages/nextvikas/laravel-google-authenticator)[ Docs](https://github.com/nextvikas/laravel-google-authenticator)[ RSS](/packages/nextvikas-laravel-google-authenticator/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) Laravel Google Authenticator ============================ [](#laravel-google-authenticator) [![Latest Stable Version](https://camo.githubusercontent.com/077dad44127c9f2e2e6a611ea979c0701fc4e3d97b8f4cd711e63343dcd3ae73/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6e65787476696b61732f6c61726176656c2d676f6f676c652d61757468656e74696361746f722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/nextvikas/laravel-google-authenticator) [![License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE) [![Downloads](https://camo.githubusercontent.com/c9215b46dc658f98c55ecd774983d0c24085ba74cb69d0e689ba734459998066/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6e65787476696b61732f6c61726176656c2d676f6f676c652d61757468656e74696361746f722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/nextvikas/laravel-google-authenticator) [![StyleCI](https://camo.githubusercontent.com/fb7273fff4a133a673f752405dcbf92a9ea67bec5679e467fb7e477eb47141c0/68747470733a2f2f7374796c6563692e696f2f7265706f732f39343633303835312f736869656c64)](https://styleci.io/repos/94630851) [![PHP](https://camo.githubusercontent.com/4f2892097b766a52133d4c68797e7ba80c40f3e7907d2882236a1cc0518f0746/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d372e302532302d2d253230382e302d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/nextvikas/laravel-google-authenticator) This package provides seamless integration of **Google Authenticator** for two-step verification in **Laravel** applications. It enhances security by requiring users to enter a time-based one-time password (TOTP) generated by the **Google Authenticator app**, in addition to their primary login credentials. This ensures an extra layer of protection against unauthorized access. With an easy-to-use API, this package simplifies the implementation of two-factor authentication (2FA) and includes features like **QR code generation** and token validation Version ------- [](#version) This is the first stable release: **v1.0.0** Requirements ------------ [](#requirements) The current package requirements are: - PHP: "^7.4 || ^8.0 || ^8.1 || ^8.2 || ^8.3" - Laravel: "^7.0|^8.0|^9.0|^10.0|^11.0|^12.0" Installation ============ [](#installation) **1. Add to composer.json** ``` composer require nextvikas/laravel-google-authenticator ``` **2. Publish the Files Using artisan vendor:publish command**For a package, you typically use vendor:publish to copy files like migration or configuration files from the nextvikas/laravel-google-authenticator to your application. ``` php artisan vendor:publish --provider="Nextvikas\Authenticator\AuthenticatorServiceProvider" ``` **3. Run the Migration** ``` php artisan migrate ``` Demo ==== [](#demo) [![image](https://private-user-images.githubusercontent.com/23698573/475505836-eadf8e0f-afa1-462b-91bd-727278085495.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzU0ODg1NzQsIm5iZiI6MTc3NTQ4ODI3NCwicGF0aCI6Ii8yMzY5ODU3My80NzU1MDU4MzYtZWFkZjhlMGYtYWZhMS00NjJiLTkxYmQtNzI3Mjc4MDg1NDk1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNjA0MDYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjYwNDA2VDE1MTExNFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFiMGU4MmM4Y2JkY2FkOWJiMmU0ZTQ2YTcxY2FkOGY0YjlkOGQ1YjU1ZWNiYzUxNDIzNTIwNWU1NGFhYmQ3ZmImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.Jp-K3bal5iK2jCkbDG1YZscm_HsUXSOGiQ-69r2LxPk)](https://private-user-images.githubusercontent.com/23698573/475505836-eadf8e0f-afa1-462b-91bd-727278085495.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzU0ODg1NzQsIm5iZiI6MTc3NTQ4ODI3NCwicGF0aCI6Ii8yMzY5ODU3My80NzU1MDU4MzYtZWFkZjhlMGYtYWZhMS00NjJiLTkxYmQtNzI3Mjc4MDg1NDk1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNjA0MDYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjYwNDA2VDE1MTExNFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFiMGU4MmM4Y2JkY2FkOWJiMmU0ZTQ2YTcxY2FkOGY0YjlkOGQ1YjU1ZWNiYzUxNDIzNTIwNWU1NGFhYmQ3ZmImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.Jp-K3bal5iK2jCkbDG1YZscm_HsUXSOGiQ-69r2LxPk)[![image](https://private-user-images.githubusercontent.com/23698573/475506557-8f763426-1284-4a32-8f0a-13954beb3730.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzU0ODg1NzQsIm5iZiI6MTc3NTQ4ODI3NCwicGF0aCI6Ii8yMzY5ODU3My80NzU1MDY1NTctOGY3NjM0MjYtMTI4NC00YTMyLThmMGEtMTM5NTRiZWIzNzMwLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNjA0MDYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjYwNDA2VDE1MTExNFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTdmMjhjYmFiMTYxMmQyMDYyODExMTQ3Y2E0YzgwNzQ5Yzg3ZjgyMzJkMmM3M2ZiMTQ5NzkzNDg3NGQyMjAwM2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.buys5z09s8-6tkIFfRMlLk0799RNlndZWmDCYiP3JVs)](https://private-user-images.githubusercontent.com/23698573/475506557-8f763426-1284-4a32-8f0a-13954beb3730.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzU0ODg1NzQsIm5iZiI6MTc3NTQ4ODI3NCwicGF0aCI6Ii8yMzY5ODU3My80NzU1MDY1NTctOGY3NjM0MjYtMTI4NC00YTMyLThmMGEtMTM5NTRiZWIzNzMwLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNjA0MDYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjYwNDA2VDE1MTExNFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTdmMjhjYmFiMTYxMmQyMDYyODExMTQ3Y2E0YzgwNzQ5Yzg3ZjgyMzJkMmM3M2ZiMTQ5NzkzNDg3NGQyMjAwM2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.buys5z09s8-6tkIFfRMlLk0799RNlndZWmDCYiP3JVs)Documentation ============= [](#documentation) Once the extension is installed, Simply add **Authenticator** middleware to whatever you want to secure, and that's it, your work ends here and **Authenticator** begins... ``` Route::middleware(['authenticator:admin'])->group(function () { Route::get('/', [AccountController::class, 'index']); }); ``` or you can use multiple middleware in the same like: ``` Route::middleware([ExampleMiddleware::class,'authenticator:admin'])->group(function () { Route::get('/', [AccountController::class, 'index']); }); ``` or you can use in single route middleware in the same like: ``` Route::get('/admin', [AccountController::class, 'index'])->middleware('authenticator:admin'); ``` or like: ``` Route::get('/account', [AccountController::class, 'index'])->middleware('authenticator:account'); ``` Note: Please note that any names you write in middleware **'authenticator:'**, alongside must be included in the configuration file **'config\\authenticator.php'** Simply change default configration values on **config\\authenticator.php** file: ``` // config\authenticator.php return [ /* * Common OTP generation and verification settings. These apply globally * and are used by default across all authentication contexts. * Context-specific settings will override these if defined within the context. */ 'otp_settings' => [ /* * This format will be displayed in the Google Authenticator app. You can customize the name however you like, * and you can include user fields in the format {field}. For example, you can add {email}, {name}, and so on. * It will be automatically prefixed with your application's name if not explicitly set. */ 'app_format' => env('AUTHENTICATOR_APP_FORMAT', config('app.name', 'Laravel App') . ': {name}'), // The name of the database column in the users table to store the 2FA secret key. 'secret_column_name' => env('AUTHENTICATOR_SECRET_COLUMN', 'authenticator_secret'), // Changed default to avoid 'authenticator' field name collision if user wants to use it for other purposes. // The number of digits for the OTP code (typically 6 or 8). 'otp_digits' => env('AUTHENTICATOR_OTP_DIGITS', 6), // The period in seconds for which an OTP code is valid (typically 30 seconds). 'otp_period' => env('AUTHENTICATOR_OTP_PERIOD', 30), // The algorithm used for HMAC-based One-Time Passwords (TOTP). // Common values: 'sha1', 'sha256', 'sha512'. 'otp_algorithm' => env('AUTHENTICATOR_OTP_ALGORITHM', 'sha1'), // The number of allowed disparities (time steps) for verification. // This helps account for clock drift between the server and the user's device. 'otp_window' => env('AUTHENTICATOR_OTP_WINDOW', 1), // 1 means +/- 30 seconds (for 30s period) ], /* * You can pass parameters to middleware in Laravel using a format like 'authenticator:admin'. * Please note that whatever value you specify here will be received in your middleware. For instance, * if you write 'newsecure', your middleware should be set up to handle it as 'authenticator:newsecure'. */ 'admin' => [ // Determines whether the verification process is enabled. // It pulls the value from the environment file (.env), with a default value of 'true' if not set. 'enabled' => env('AUTHENTICATOR_ADMIN_ENABLED', true), // The route name for the login page. // This specifies where the user will be redirected for login, with a default route 'admin.login'. 'login_route_name' => env('AUTHENTICATOR_ADMIN_LOGIN_ROUTE_NAME', 'admin.login'), // The name of the guard used for login. // It is pulled from the .env file with 'web' as the default guard. // 'login_guard_name' => 'admin', 'login_guard_name' => env('AUTHENTICATOR_ADMIN_GUARD_NAME', 'web'), // The main layout used for the verification views. // Defaults to 'layouts.app', but can be overridden via the .env file. 'main_layout' => env('AUTHENTICATOR_ADMIN_MAIN_LAYOUT', 'layouts.app'), // The route name for logout functionality. // Default value is 'false'. If a route is set here, the verification page will show a logout button. // Otherwise, the logout button will be hidden. // 'logout_route_name' => 'admin.logout', 'logout_route_name' => env('AUTHENTICATOR_ADMIN_LOGOUT_ROUTE_NAME', false), // The route name for a successful verification. // If set to false (default), the user will be redirected to the root page after successful verification. // Otherwise, it will redirect to the specified route name. // 'success_route_name' => 'admin.home', 'success_route_name' => env('AUTHENTICATOR_ADMIN_SUCCESS_ROUTE_NAME', false), ], /* * You can pass parameters to middleware in Laravel using a format like 'authenticator:account'. * Please note that whatever value you specify here will be received in your middleware. For instance, * if you write 'accountsecure', your middleware should be set up to handle it as 'authenticator:accountsecure'. */ 'account' => [ // Determines whether the verification process is enabled. // It pulls the value from the environment file (.env), with a default value of 'true' if not set. 'enabled' => env('AUTHENTICATOR_ACCOUNT_ENABLED', true), // The route name for the login page. // This specifies where the user will be redirected for login, with a default route 'account.login'. 'login_route_name' => env('AUTHENTICATOR_ACCOUNT_LOGIN_ROUTE_NAME', 'account.login'), // The name of the guard used for login. // It is pulled from the .env file with 'web' as the default guard. // 'login_guard_name' => 'account', 'login_guard_name' => env('AUTHENTICATOR_ACCOUNT_GUARD_NAME', 'web'), // The main layout used for the verification views. // Defaults to 'layouts.app', but can be overridden via the .env file. 'main_layout' => env('AUTHENTICATOR_ACCOUNT_MAIN_LAYOUT', 'layouts.app'), // The route name for logout functionality. // Default value is 'false'. If a route is set here, the verification page will show a logout button. // Otherwise, the logout button will be hidden. // 'logout_route_name' => 'account.logout', 'logout_route_name' => env('AUTHENTICATOR_ACCOUNT_LOGOUT_ROUTE_NAME', false), // The route name for a successful verification. // If set to false (default), the user will be redirected to the root page after successful verification. // Otherwise, it will redirect to the specified route name. // 'success_route_name' => 'account.home', 'success_route_name' => env('AUTHENTICATOR_ACCOUNT_SUCCESS_ROUTE_NAME', false), ], ]; ``` Modify View Files ----------------- [](#modify-view-files) Open: ``` 1. \resources\views\vendor\authenticator\scan.blade.php 2. \resources\views\vendor\authenticator\verify.blade.php ``` And then you can modify the view files with your own stylist UI. ### Health Score 32 — LowBetter than 72% of packages Maintenance57 Moderate activity, may be stable Popularity6 Limited adoption so far Community7 Small or concentrated contributor base Maturity51 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 284d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/1196646e0986e36708de831d5e4fd3fef6e642b43cea0f082da030c049f8c42a?d=identicon)[nextvikas](/maintainers/nextvikas) --- Top Contributors [![nextvikas](https://avatars.githubusercontent.com/u/23698573?v=4)](https://github.com/nextvikas "nextvikas (31 commits)") --- Tags laravelgoogleotpsecurity2fagoogle2fatwo-factorMFAauthenticator2-step verificationdependency-free ### Embed Badge ![Health badge](/badges/nextvikas-laravel-google-authenticator/health.svg) ``` [![Health](https://phpackages.com/badges/nextvikas-laravel-google-authenticator/health.svg)](https://phpackages.com/packages/nextvikas-laravel-google-authenticator) ``` ### Alternatives [tzsk/otp A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel. 241641.4k1](/packages/tzsk-otp)[chillerlan/php-authenticator A generator for counter- and time based 2-factor authentication codes (Google Authenticator). PHP 8.2+ 58119.1k2](/packages/chillerlan-php-authenticator)[salehhashemi/laravel-otp-manager Laravel OTP manager 18713.2k](/packages/salehhashemi-laravel-otp-manager)[sicaboy/laravel-mfa A Laravel package of Multi-factor Authentication (MFA/2FA) with a middleware. 101.2k](/packages/sicaboy-laravel-mfa) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)