A PHP library for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm) and compatible with Google Authenticator
This library is compatible with Google Authenticator apps available for Android and iPhone. It is also compatible with other applications such as FreeOTP for example.
The release process is described here.
This library needs at least
It has been successfully tested using
PHP 7 and
The preferred way to install this library is to rely on Composer:
composer require spomky-labs/otphp
By default, documentation and test environnement are excluded.
If you want to test the library or get the documentation, please add
composer require spomky-labs/otphp --prefer-source
This library provides both
TOTP is a time based one-time password. It lives only during few seconds (the
You just have to be sure that the clock of your server and your device are synchronized.
This is the most common OTP.
HOTP is a counter based one-time password. Every time a password is used, the counter is updated.
You have to verify that the server and the device are synchronized.
To create a new
HOTP, just instantiate the class you selected:
use OTPHP\TOTP; $totp = new TOTP();
use OTPHP\HOTP; $hotp = new HOTP();
Have a look at How to use to initialize and generate your first OTP.
Requests for new features, bug fixed and all other ideas to make this library useful are welcome. Please follow these best practices.
This software is release under MIT licence.