Now run the above code with some test account name, issuer name and secret key. This library has the advantage of being slightly nicer (I hope) to integrate into existing libraries, and contains inbuilt support for using a PSR-6 cache interface to reduce the possibility of a replay attack. Google Authenticator doesn’t seem to deal with spaces encoded as plus signs. Both of which work but neither of which seem to be updated much nor incorporate modern best practises. You dont need to worry about the 2FA token any more. Now code will pick the token from the google authenticator as part of execution. Replace 'secret goes here' with the secret from the file. Open the downloaded file, you will find the secret in there. ImplementationĪs far as I could tell, there were (at the time of writing) 2 other PHP libraries for interacting with the Google Authenticator. Click on settings>export/import in your google authenticator. Using the Google Authenticator allows people to have another layer of security that will only allow them to access your web application/service if they have both the password and the correctly setup Google Authenticator app on their phone. Google Authenticator is an authenticator app developed by Google used to verify the identity of a user. Far too many people use the same password for multiple things, and sometimes it's nice to actually have a secure application. IntroductionĢ factor authentication is pretty awesome. Although this library is not deprecated by any means and should continue to work well, since the release of this library other projects have implemented this in a non-terrible style and have gained reasonable traction.īefore you implement this, consider whether otphp may suit your use case.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |