Skip to content

About

A TOTP (Time-Based One-Time Password) Two-Factor Authentication Module for codeigniter4/shield.

  • Generates a 32 byte secret key
  • Generates a scannable QR Code that contains an otpauth: URL compatible with Google Authenticator1 App (Android/iOS) for account registration/activation
  • Authenticates a 6-digit, SHA1, 30-second period TOTP for login
  • Prevents reuse of an TOTP within its validation period

  1. Google Authenticator implementation ignores: Algorithm, Digits, and Period parameters of the otpauth: URL.