twofactorauth
TwoFactorAuth
twofactorauth | TwoFactorAuth | |
---|---|---|
12 | - | |
3,340 | 1,025 | |
0.5% | - | |
9.4 | 7.9 | |
7 days ago | 7 days ago | |
Ruby | PHP | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
twofactorauth
-
Find which accounts could support 2FA
FYI: Sites that provide 2FA may or may not be listed in https://github.com/2factorauth/twofactorauth
-
All your SMS are belong to us
Using the 2fa.directory as a start, I recently went searching for banks that specifically support MFA via hardware or software tokens. Almost all are non-US based which shows how far behind the US financial industry is w/r MFA. I found one, First Tech Federal Credit Union, which supports software tokens using the Entrust IdentityGuard app. They support business and personal accounts and you can apply online.
- The twofactorauth[.]org site has been taken over
- Ask HN: What Happened to Twofactorauth.org?
-
Best site that provided a list of sites with two factor authentication (2FA) support
Further information that the domain was sold by one of the contributors due to a dispute - https://github.com/2factorauth/twofactorauth/issues/5238
-
Where did the list of 2FA websites go? I cannot find it anymore
See: The twofactorauth[.]org site has been taken over #5238
-
Daily Fi Discussion Thread Wednesday February 17
That said, where possible, 2FA should not rely on a phone number. SMS and Voice are unauthenticated and unencrypted. It's easy and cheap enough to setup a stingray to grab all text messages in an area, and SIM swap attacks are also typically pretty easy (difficulty varies by provider from incredibly simple to might require calling back a few times to get the right rep). Switch to an authenticator app for anything that supports it (https://twofactorauth.org/).
-
Is 2FA too risky?
I backup my seed data every account that has 2FA/MFA support (see https://twofactorauth.org/) into Keepass. It's fairly simple to do. I use a program like Windows' Snipping Tool to capture the QR code displayed by the new 2FA-based service and I save the file as an attachment into my Keepass on the password entry for the 2FA-based service. I also use a QR code reader that deciphers the QR code and then I save that URI string into Keepass as well, extracting the TOTP seed data and also using the KeePassOTP or other KeePass plug-in to allow me to generate TOTP codes directly from my Keepass vault files on either my PC or Android devices.
-
Security Reminder to turn on MFA and use strong passwords on your accounts
Also https://twofactorauth.org/ to check which of your sites have it as an option.
-
10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities
It's absolutely unacceptable. A visit to https://twofactorauth.org/ will quickly either dash or build your hopes for the future of online security, depending entirely on what country you live in.
TwoFactorAuth
We haven't tracked posts mentioning TwoFactorAuth yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
KeePassOTP - Add OTP support (two factor authentication) to KeePass
HybridAuth - Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.
authelia - The Single Sign-On Multi-Factor portal for web apps
Sentinel - A framework agnostic authentication & authorization system.
twofactorauth - List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software. [Moved to: https://github.com/2factorauth/twofactorauth]
SocialConnect Auth - :atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP :shipit:
awesome-runners - A curated list of awesome self-hosted GitHub Action runners in a large comparison matrix
OAuth 2.0 Client - Easy integration with OAuth 2.0 service providers.
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
Json Web Token - A simple library to work with JSON Web Token and JSON Web Signature
TwoFactorAuth.Net - .Net library for Two Factor Authentication (TFA / 2FA)
OAuth2 Server - documentation for the oauth2-server-php library