webauthn - Web Authentication WG: https://www.w3.org/Webauthn Editors' Draft:

•    HTML

---

This is the repository for the W3C WebAuthn Working Group, producing the draft "Web Authentication" specification. To materially contribute to this specification, you must meet the requirements outlined in CONTRIBUTING.md. Also, before submitting feedback, please familiarize yourself with our current issues list and review the mailing list discussion.

M-Pin - Two Factor Authentication For Web sites

•    Java

---

M-Pin Strong Authentication System enables true two-factor authentication for web sites and applications, based on the open source M-Pin Authentication Server and M-Pin Managed Service. The M-Pin™ Managed Service is a highly available, fault tolerant software as a service that issues cryptographic secrets to M-Pin Authentication Servers and Clients.

2factor authentication security cryptography

Cierge - 🗝️ Passwordless OIDC authentication done right

•    CSharp

---

Cierge is an OpenID Connect server that handles user signup, login, profiles, management, social logins, and more. Instead of storing passwords, Cirege uses magic links/codes and external logins to authenticate your users. Passwords are insecure by default. Cierge does away by the illusion of security passwords give ("forgot password" usually relies upon email-based auth at the end of the day).

jwt identity passwordless authentication openid-connect oauth2 oauth2-server asp-net-core

privacyIDEA - Modular Authentication System

•    Python

---

privacyIDEA is a Two Factor Authentication System which is multi-tenency- and multi-instance-capable. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication.

authentication two-factor-authentication 2fa otp security

2fa - Two-factor authentication on the command line

•    Go

---

2fa is a two-factor authentication agent. 2fa -add name adds a new key to the 2fa keychain with the given name. It prints a prompt to standard error and reads a two-factor key from standard input. Two-factor keys are short case-insensitive strings of letters A-Z and digits 2-7.

google2fa-laravel - A One Time Password Authentication package, compatible with Google Authenticator for Laravel

•    PHP

---

Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. This package is a Laravel bridge to Google2FA's PHP package.

laravel 2fa two-factor-authentication authentication app-security

two-factor-auth - Generate 2FA tokens compatible with Google Authenticator

•    Go

---

Simple CLI app that generates tokens compatible with Google Authenticator. I implemented this mainly to understand how it works, you should probably not use this.

two-factor-authentication two-factor 2fa twofactorauth

SQL Server Authentication Troubleshooter

•    

---

SQL Server Authentication Troubleshooter is a tool to help investigate a root cause of ‘Login Failed’ error in SQL Server. There could be number of reasons for this error–from insufficient permissions and policy problem to a Win API failure.

authentication authentication-troub login login-failed sql-server

blockstack.js - The Blockstack JavaScript library for identity, auth and storage

•    HTML

---

Note: If you're looking for the Blockstack CLI repo it was merged with Blockstack Core.Blockstack JS is a library for profiles/identity, authentication, and storage.

blockchain id auth authentication bitcoin blockchain-auth blockchain-authentication blockchainid blockchain-id bitcoin-auth bitcoin-authentication bitcoin-login blockchain-login authorization login signin sso crypto cryptography token blockstack blockstack-auth profile identity ethereum

google2fa - A One Time Password Authentication package, compatible with Google Authenticator.

•    PHP

---

Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. This package is agnostic, but there's a Laravel bridge.

2fa two-factor-authentication google2fa agnostic

two-factor-bundle - Two-factor authentication for Symfony applications

•    PHP

---

... and follow the installation instructions. Detailed documentation of all features can be found in the Resources/doc directory.

2fa two-factor-authentication authentication security symfony-bundle totp google-authenticator

yosai - A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail

•    Python

---

Yosai is a "security framework" that features authentication, authorization, and session management from a common, intuitive API. Yosai is based on Apache Shiro, written in Java and widely used today.

authentication authorization sessionmanagement rbac security twofactorauth totp two-factor

aws-mfa - Manage AWS MFA Security Credentials

•    Python

---

aws-mfa makes it easy to manage your AWS SDK Security Credentials when Multi-Factor Authentication (MFA) is enforced on your AWS account. It automates the process of obtaining temporary credentials from the AWS Security Token Service and updating your AWS Credentials file (located at ~/.aws/credentials). Traditional methods of managing MFA-based credentials requires users to write their own bespoke scripts/wrappers to fetch temporary credentials from STS and often times manually update their AWS credentials file. short-term - A temporary set of credentials that are generated by AWS STS using your long-term credentials in combination with your MFA device serial number (either a hardware device serial number or virtual device ARN) and one time token code. Your short term credentials are the credentials that are actively utilized by the AWS SDK in use.

aws mfa 2fa two-factor-authentication multi-factor-authentication amazon-web-services aws-sts sts awsmfa

bell - Third-party login plugin for hapi

•    Javascript

---

Third-party authentication plugin for hapi.bell ships with built-in support for authentication using Facebook, GitHub, Google, Google Plus, Instagram, LinkedIn, Slack, Stripe, Twitter, Yahoo, Foursquare, VK, ArcGIS Online, Windows Live, Nest, Phabricator, BitBucket, Dropbox, Reddit, Tumblr, Twitch, Mixer, Salesforce, Pinterest, Discord, DigitalOcean, AzureAD, trakt.tv and Okta. It also supports any compliant OAuth 1.0a and OAuth 2.0 based login services with a simple configuration object.

hapi login authentication oauth plugin auth0 arcgisonline bitbucket dropbox facebook fitbit foursquare github gitlab google instagram medium linkedin live meetup nest phabricator office365 okta reddit spotify tumblr twitter vk wordpress yahoo

TwoFactorAuth - PHP library for Two Factor Authentication (TFA / 2FA)

•    PHP

---

PHP library for two-factor (or multi-factor) authentication using TOTP and QR-codes. Inspired by, based on but most importantly an improvement on 'PHPGangsta/GoogleAuthenticator'. There's a .Net implementation of this library as well. Here are some code snippets that should help you get started...

qrcode two-factor twofactorauth totp multi-factor security

DotNetOpenAuth - OpenID, OAuth, Infocard library for .NET

•    CSharp

---

DotNetOpenAuth provides support for your site visitors to login with their OpenIDs by just dropping an ASP.NET control onto your page. It could be customized, how OpenID will operate on your site. It supports OpenID, OAuth and Infocards authentication. User registration and Signup of your site will be handled by this library. Users having Google, Twitter ID could login in to your site without having to create their own login.

openid oauth infocard authentication

gologin - Go login handlers for authentication providers (OAuth1, OAuth2)

•    Go

---

Package gologin provides chainable login http.Handler's for Google, Github, Twitter, Digits, Facebook, Bitbucket, Tumblr, or any OAuth1 or OAuth2 authentication providers.Choose a subpackage. Register the LoginHandler and CallbackHandler for web logins or the TokenHandler for (mobile) token logins. Get the authenticated user or access token from the request context.

oauth2 oauth2-client authentication

userapp-angular - AngularJS module that adds user authentication to your app with UserApp.

•    Javascript

---

AngularJS module that adds user authentication to your app with UserApp. It supports protected/public routes, rerouting on login/logout, heartbeats for status checks, stores the session token in a cookie, directives for signup/login/logout, OAuth, etc.UserApp is a user management API for web & mobile apps with the purpose to relieve developers from having to program logic for user authentication, sign-up, invoicing, feature/property/permission management, and more.

angular angularjs angular-component

socialite - :octocat: Socialite is an OAuth2 Authentication tool

•    PHP

---

Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, You can easily use it in any PHP project. facebook, github, google, linkedin, outlook, weibo, qq, wechat, and douban.

socialite oauth laravel login oauth2-authentication facebook google linkedin social-login wechat weibo

loginsrv - JWT login microservice with plugable backends such as OAuth2, Github, htpasswd, osiam

•    Go

---

loginsrv is a standalone minimalistic login server providing a JWT login for multiple login backends.The following providers (login backends) are supported.

jwt htpasswd service caddy caddyserver login oauth2 github oauth2-client authentication