The most powerful and the simplest library to add two factor authentication by google authenticator, in every directory that you want in just one step

v1.0.14 2015-09-27 15:28 UTC

This package is auto-updated.

Last update: 2021-09-04 06:34:23 UTC


Build status: Build Status Scrutinizer Code Quality Code Coverage Build Status Latest Stable Version Total Downloads Latest Unstable Version License

The most powerful and the simplest library to add two factor authentication by google authenticator, for every directory that you want in just one step

  • Add two factor in different directory with different secret
  • Lock all pages and files until the correct code is inserted
  • Set automatically mod rewrite redirect to insert code page until the correct code is inserted
  • Update you htaccess automatically
  • Easily installation in each dir in just one step
  • Only one software installation location to allow you to manage it easily
  • You can always set up two factor in new directories without change other installations, keeping the same software installation location


  • httacces and mod rewrite needed
  • php write permission
  • the date time on the server must be synchronized (only 1 minute of margin)

#Download ##Get/update composer This library require composer (download composer here

Update composer

php composer.phar self-update


Download via composer require (we suggest to create a dedicated directory for this)

php composer.phar require thecsea/twofactor-dir

or insert library as dependency in your composer project

thecsea/twofactor-dir": "1.0.*

in the last case you have to install or update you project

php composer.phar install


php composer.phar update

N.B. If you don't have access to server terminal you can perform installation on your pc and upload all via ftp

##Update twofactor-dir

You can update twofactor-dir (according to version limit set in composer.json)

php composer.phar update


##Installation You can set different different directory keeping only one software location, but you mustn't change it

###Set up twofactor-dir

  1. Give php write permissions to the directory where you want to set up twofactor-dir
  2. Enable htacces and mod rewrite
  3. open via a browser the following page and insert the directory position (preferably absolute link)


after this you will see new files and htaccess updated

We suggest to hide via htaccess the twofactor-dir installation directory

###First Use You can get secret or QR code on YOUR_DIR/get_qr.php. We suggest to use a https connection

After linked a device we suggest to hide get_qr.php for not logged users in the following way:

CAUTION Comment RewriteRule ^get_qr.php$ get_qr.php [L,QSA] on htaccess generated after get qr for the first time, so you are able to get qr (to add more devices) only after login

##Use When you try to access to each page of the directory you will be redirected to insert code page, when you insert code you will be logged until the session is closed.

You can add new devices after login (insert code page) calling YOUR_DIR/get_qr.php


Obviously you can customize interface modifying:

  • redirect.php
  • get_qr.php

##Disable You can disable twofactor-dir temporarily commenting the redirect instructions on .htaccess

##Uninstall To unistall twofactor-dir for a directory you have to remove the following files from your dir:

  • get_qr.php
  • redirect.php
  • secret.php

and remove the twofactor-dir lines (marked) from .htacces

CAUTION: You must keep the twofactor-dir installation (installation downloaded by composer) if you have set up it in other directories