Top 23 Mfa Open-Source Projects

• authelia

  174 19,523 9.9 Go

  The Single Sign-On Multi-Factor portal for web apps

  

Project mention: Keycloak SSO with Docker Compose and Nginx | news.ycombinator.com | 2024-02-11

It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.

Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...

• cas

  6 10,629 9.9 Java

  Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

  

Project mention: The Central Authentication Service Project | news.ycombinator.com | 2023-08-08

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• aws-vault

  49 8,127 1.7 Go

  A vault for securely storing and accessing AWS credentials in development environments

  

Project mention: Keep your AWS CLI config fresh with Cog | dev.to | 2024-03-28

Undying fondness for aws-vault to securely cache my session credentials.

• zitadel

  80 6,982 9.8 Go

  ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.

  

Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30

• cli

  8 3,478 9.2 Go

  🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)

  

Project mention: Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30 | news.ycombinator.com | 2024-01-18

https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.

• pyotp

  18 2,826 4.2 Python

  Python One-Time Password Library

  

Project mention: django authentication , login with otp | /r/django | 2023-07-06

Can’t you just use a HOPT/TOPT so the user can scan a QR code with e.g google authenticator? Check https://github.com/pyauth/pyotp for more information

• speakeasy

  2 2,662 0.0 JavaScript

  **NOT MAINTAINED** Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.

  

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• privacyIDEA

  9 1,425 9.4 Python

  :closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)

  

• prince

  1 1,188 7.3 Python

  :crown: Multivariate exploratory data analysis in Python — PCA, CA, MCA, MFA, FAMD, GPA (by MaxHalford)

Project mention: Categorical data in K-means | /r/datascience | 2023-05-19

Well, my favourite thing about posting on Reddit is learning new things. https://github.com/MaxHalford/prince I looked up the Prince and I'll be reading up about FAMD shotly - thanks!

• GlobalProtect-openconnect

  15 1,127 8.3 Rust

  A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, etc.

Project mention: GlobalProtect VPN and browser configuration | /r/ManjaroLinux | 2023-09-15

In order to reach a client's domain for a project, my team needs to use a VPN and the instructions were pretty clear regarding which tool to use - GlobalProtect VPN - so I've installed https://github.com/yuezk/GlobalProtect-openconnect and was able to connect successfully.

• aws-mfa

  5 1,005 0.0 Python

  Manage AWS MFA Security Credentials

• extract_otp_secrets

  10 959 8.3 Python

  Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured by camera, read from images, or read from text files. The secrets can be exported to JSON or CSV, or printed as QR codes to console.

Project mention: Show HN: AuthWin – Authenticator App for Windows | news.ycombinator.com | 2024-03-03

This library uses the GPL v3 license: https://github.com/scito/extract_otp_secrets?tab=GPL-3.0-1-o...

Your options are to either go open-source or remove the library.

• product-is

  1 713 10.0 Java

  Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.

  

• bastion

  1 635 3.1 Shell

  🔒Secure Bastion implemented as Docker Container running Alpine Linux with Google Authenticator & DUO MFA support (by cloudposse)

  

• putty-cac

  12 444 6.2 C

  Windows Secure Shell Client With Support For Smart Cards, Certificates, & FIDO Keys

Project mention: NIST: Personal Identity Verification (PIV) of Federal Employees and Contractors | news.ycombinator.com | 2024-03-23

PuTTY-CAC was an interesting, although imperfect solution to using PIV/CAC cards together with SSH. I remember piloting it from 2013-2014 at an agency. Back then, it was maintained by Dan Risacher[0]. Nowadays it is maintained on GitHub[1] and adopted some interesting features like FIDO.

[0] https://risacher.org/putty-cac/

[1] https://github.com/NoMoreFood/putty-cac

• a12n-server

  16 422 8.5 TypeScript

  An open source lightweight OAuth2 server

  

• google-authenticator-exporter

  5 361 2.2 JavaScript

  Get the TOTP secrets exported by Google Authenticator

Project mention: Google Authenticator finally, mercifully adds account syncing for two-factor codes | /r/google | 2023-04-25

• wait-for-secrets

  4 271 0.0 TypeScript

  Publish from GitHub Actions using multi-factor authentication

  

Project mention: How to publish on npm with `--provenance` using Lerna-Lite | dev.to | 2023-11-16

To deal with the OTP (or any other 2FA), we can use wait-for-secrets. Compared to the previous basic usage, we are splitting the Lerna-Lite Version & Publish into 2 separate tasks. The reason is simple, calling the OTP too early would timeout even before reaching the publish phase, so calling the OTP just before the publish is the best way to avoid invalid pin.

• django-mfa2

  7 226 2.8 CSS

  A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Webauthn), Email Token and Trusted Devices

• awsu

  1 172 0.7 Go

  Enhanced account switching for AWS, supports Yubikey as MFA source

  

• wag

  4 165 8.5 Go

  Simple Wireguard 2FA

Project mention: Anyone centrally managing clients VPN connections/users/settings? | /r/selfhosted | 2023-06-28

• rauthy

  2 165 9.9 Rust

  OpenID Connect Single Sign-On Identity & Access Management

Project mention: Rauthy OIDC v0.19 — Better support for Solid and Matrix | /r/SelfhostingHub | 2023-11-18

• one-time

  1 158 1.3 Clojure

  One Time Password (TOTP and HOTP) library for Clojure. TOTP/HOTP is widely used for Two Factor / Multi Factor Authentication.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Mfa related posts

• ESP32 MFA TOTP Generator
  1 project | news.ycombinator.com | 6 Mar 2024
• How to publish on npm with `--provenance` using Lerna-Lite
  1 project | dev.to | 16 Nov 2023
• django authentication , login with otp
  1 project | /r/django | 6 Jul 2023
• Rejected GitHub Profile Achievements
  6 projects | news.ycombinator.com | 5 Jul 2023
• Managing credentials for automated scripts
  1 project | /r/learnpython | 15 Jun 2023
• Which SSO supports passkey? (webauthn)
  2 projects | /r/selfhosted | 5 May 2023
• Django WebAuthn Support?
  3 projects | /r/django | 21 Apr 2023
• A note from our sponsor - InfluxDB
  www.influxdata.com | 23 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com