GoogleAuth - Google Authenticator Server side code

  •        1038

GoogleAuth is a Java server library that implements the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. This library can be used by any developer who wants to add TOTP multi-factor authentication to a Java application and needs the server-side code to create TOTP shared secrets and verify TOTP passwords.Google Authenticator Server side code

https://github.com/wstrange/GoogleAuth

Tags
Implementation
License
Platform

   




Related Projects

notp - Node One Time Password library, supports HOTP, TOTP and works with Google Authenticator

  •    Javascript

Simple to use, fast, and with zero dependencies. The Node One Time Password library is fully compliant with HOTP (counter based one time passwords) and TOTP (time based one time passwords). It can be used in conjunction with the Google Authenticator which has free apps for iOS, Android and BlackBerry. Google authenticator requires that keys be base32 encoded before being used. This includes manual entry into the app as well as preparing a QR code URI.

Google Authenticator - Two factor authentication

  •    Java

The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

google2fa - A One Time Password Authentication package, compatible with Google Authenticator.

  •    PHP

Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. This package is agnostic, but there's a Laravel bridge.

google2fa-laravel - A One Time Password Authentication package, compatible with Google Authenticator for Laravel

  •    PHP

Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. This package is a Laravel bridge to Google2FA's PHP package.

Google Authenticator TOTP C#

  •    CSharp

An implementation of Google's Authenticator in C# and WPF. It's a Time-based One-time Password (TOTP) described in RFC 6238. You could use it to implement two-factor authentication in your own .Net application.


otp - TOTP library for Go

  •    Go

One Time Passwords (OTPs) are an mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user's phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, Github, Facebook, Salesforce and many others. The otp library enables you to easily add TOTPs to your own application, increasing your user's security against mass-password breaches and malware.

onetimepass - One-time password library for HMAC-based (HOTP) and time-based (TOTP) passwords

  •    Python

One-time password library for HMAC-based (HOTP) and time-based (TOTP) passwords

rotp - Ruby One Time Password library

  •    Ruby

A ruby library for generating one time passwords (HOTP & TOTP) according to RFC 4226 and RFC 6238. ROTP is compatible with the Google Authenticator available for Android and iPhone.

Altairis OTP Authentication Library

  •    

Tools for implementing one time password authentication in .NET systems. Supports time-based (TOTP) or event-based (HOTP) passwords and is compatible with Google Authenticator technology.

FreeOTP - Two factor authentication

  •    Java

FreeOTP is a two-factor authentication application for systems utilizing one-time password protocols. Tokens can be added easily by scanning a QR code. If you need to generate a QR code, try our QR code generator.

Authenticator - Two-Factor Authentication Client for iOS

  •    Swift

Authenticator is a simple, free, and open source two-factor authentication app. It helps keep your online accounts secure by generating unique one-time passwords, which you use in combination with your other passwords to log into supporting websites. The simple combination of the password in your head and the rotating passwords generated by the app make it much harder for anyone but you to access your accounts. If you open the .xcodeproj instead, the project will not be able to find its dependencies.

otphp - :closed_lock_with_key: A PHP library for generating one time passwords according to RFC 4226 (HOTP) and the RFC 6238 (TOTP)

  •    PHP

This library is compatible with Google Authenticator apps available for Android and iPhone. It is also compatible with other applications such as FreeOTP for example.The release process is described here.

django-two-factor-auth - Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects

  •    Python

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django's built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google's Two-Step Authentication, allowing users to authenticate through call, text messages (SMS), by using a token generator app like Google Authenticator or a YubiKey hardware token generator (optional). I would love to hear your feedback on this package. If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is translated into English, Dutch and other languages. Please contribute your own language using Transifex.

devise_google_authenticator - A Devise extension to allow your app to utilise Google's 2FA Mobile app

  •    Ruby

This is a devise extension to allow your app to utilise Google Authenticator for Time-based One Time Passwords (TOTP).

secure-password - Making Password storage safer for all

  •    Javascript

They're both constrained by the constants SecurePassword.MEMLIMIT_MIN - SecurePassword.MEMLIMIT_MAX and SecurePassword.OPSLIMIT_MIN - SecurePassword.OPSLIMIT_MAX. If not provided they will be given the default values SecurePassword.MEMLIMIT_DEFAULT and SecurePassword.OPSLIMIT_DEFAULT which should be fast enough for a general purpose web server without your users noticing too much of a load time. However your should set these as high as possible to make any kind of cracking as costly as possible. A load time of 1s seems reasonable for login, so test various settings in your production environment. The settings can be easily increased at a later time as hardware most likely improves (Moore's law) and adversaries therefore get more powerful. If a hash is attempted verified with weaker parameters than your current settings, you get a special return code signalling that you need to rehash the plaintext password according to the updated policy. In contrast to other modules, this module will not increase these settings automatically as this can have ill effects on services that are not carefully monitored.

buttercup-desktop - :key: Javascript Secrets Vault - Multi-Platform Desktop Application

  •    Javascript

Cross-platform, free and open-source password manager based on NodeJS. Buttercup is a password manager - an assistant for helping you store all of your login credentials. Buttercup helps you keep your accounts safe and assists you when you want to log in - all you need to do is remember just one password: your master password.

Titan - Command line password manager

  •    C

Titan is a command line password manager. Titan uses OpenSSL library to perform the encryption. AES encryption is used with 256 bit keys. Password database is also protected from tampering by using a keyed-hash message autentication code (HMAC). Unique, cryptographically random initialization vector is used during the encryption. New initialization vector is generated each time the password database is encrypted.

Chroma-Hash - A sexy, secure live visualization of password field input

  •    Javascript

Password entry can be frustrating, especially with long or difficult passwords. On a webpage, secure fields obscure your input with •'s, so others can't read it. Unfortunately, neither can you—you can't tell if you got your password right until you click "Log In". Chroma-Hash displays a series of colored bars at the end of field inputs so you can instantly see if your password is right. Chroma-Hash takes an MD5 hash of your input and uses that to compute the colors in the visualization. The resulting color pattern is non-reversible, so no one could know what your password just from the colors.

cupp - Common User Passwords Profiler (CUPP)

  •    Python

The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values. A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.

credential - Easy password hashing and verification in Node

  •    Javascript

Easy password hashing and verification in Node. Protects against brute force, rainbow tables, and timing attacks.Employs cryptographically secure, per password salts to prevent rainbow table attacks. Key stretching is used to make brute force attacks impractical. A constant time verification check prevents variable response time attacks.