PHPackages                             vectorface/googleauthenticator - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. vectorface/googleauthenticator

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

vectorface/googleauthenticator
==============================

Google Authenticator 2-factor authentication

v3.5(2w ago)19256.5k↓34.5%71BSD-2-ClausePHPPHP &gt;=8.2CI passing

Since Sep 20Pushed 2w ago2 watchersCompare

[ Source](https://github.com/Vectorface/GoogleAuthenticator)[ Packagist](https://packagist.org/packages/vectorface/googleauthenticator)[ RSS](/packages/vectorface-googleauthenticator/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (8)Dependencies (4)Versions (9)Used By (1)

Google Authenticator (TOTP)
===========================

[](#google-authenticator-totp)

[![Build Status](https://github.com/Vectorface/GoogleAuthenticator/workflows/Test/badge.svg)](https://github.com/Vectorface/GoogleAuthenticator/workflows/Test/badge.svg)

**English** | [中文](./README.zh-CN.md)

This is a fork of  with the following changes:

- Uses  to generate QR code data URIs
- No longer generates Google's Chart API to make QR code links
- Uses namespacing
- Augmented test coverage to 100%
- Bumped minimum PHP version to 8.2

Original License:
-----------------

[](#original-license)

- Copyright (c) 2012-2016,
- Author: Michael Kliewe, [@PHPGangsta](http://twitter.com/PHPGangsta) and [contributors](https://github.com/PHPGangsta/GoogleAuthenticator/graphs/contributors)
- Licensed under the BSD License.

Description:
------------

[](#description)

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to [RFC6238](https://tools.ietf.org/html/rfc6238)

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:
------

[](#usage)

See following example:

```
