2FAuth

2FAuth is an open-source web application that manages Two-Factor Authentication (2FA) accounts and generates one-time passwords (TOTP/HOTP). It provides a browser-accessible interface, QR-code scanning, import/export tools, and optional data encryption with modern authentication support.

Key Features

• Generate TOTP and HOTP (and Steam Guard) one-time passwords according to standard RFCs
• Add accounts via QR code scanning, manual advanced form, or import from other authenticator formats
• Organize accounts using Groups and edit or delete entries
• REST API to perform most app functions from external applications
• Modern authentication options including WebAuthn (security keys) and auto-lock/session timeout controls
• Optional encryption for sensitive data at rest (requires backing up application key)
• Browser companion extensions and PWA support to surface OTPs from a running instance

Use Cases

• Centralized access to 2FA codes on desktop or shared devices when a phone is unavailable
• Family or small-team shared instance for managing multiple members' 2FA accounts with per-account organization
• Migration and backup of existing authenticator data using import/export to move between apps or restore tokens

Limitations and Considerations

• Data encryption is optional and disabled by default; enabling encryption requires safeguarding the APP_KEY backup to avoid data loss
• Browser extensions and companion tools require a running 2FAuth instance and are not standalone; this may limit offline use
• Correct operation depends on a properly configured server environment (PHP/Laravel requirements) and secure database backups to protect stored secrets

2FAuth is focused on providing a standards-compliant, auditable, and UI-friendly way to manage OTP-based 2FA tokens for desktop and mobile web access. It emphasizes privacy, portability of data, and flexible deployment options.