Back to Projects

swift2FA - Secure Two factor authentication library

Phpphpunit
swift2FA - Secure Two factor authentication library

Swift2FA - Secure Two-Factor Authentication Library

Swift2FA is a secure and easy-to-use PHP library for implementing two-factor authentication (2FA). It supports multiple authentication methods, ensuring a high level of security for web applications.

Key Features

  • Authenticator App Support: Works with Google Authenticator and other TOTP-based apps.
  • Email Authentication: Uses SMTP with PHPMailer for secure email verification.
  • SMS Authentication: Supports services like Twilio for sending 2FA codes via SMS.
  • Built-in Encryption: Secret keys are encrypted before storage for maximum security.
  • QR Code Generation: Generates QR codes for easy scanning and setup.
  • Flexible Time-Step Settings: Adjustable settings for time-based authentication codes.
  • Email and SMS Delivery Options: Multiple ways to send authentication codes securely.

Why I Built Swift2FA

I was exploring how 2FA works and wanted to build a PHP package that simplifies the implementation process. Swift2FA is open-source and currently has just 5 stars on GitHub 😂.

It’s designed to be extremely easy to use. You can integrate 2FA with just a few lines of code:

use Swift2FA\Swift2FA;

$swift2fa = new Swift2FA();

How It Works

Swift2FA follows a secure process to ensure authentication codes are generated and verified correctly:

  1. First, we generate a secret key.
  2. The secret key is encrypted before being stored.
  3. During authentication, the key is decrypted and used to generate a TOTP (Time-based One-Time Password).

Libraries Used

  • chillerlan\QRCode\{QRCode, QROptions} - For QR code generation.
  • PHPMailer\PHPMailer\PHPMailer - For sending email authentication codes.
  • PHPMailer\PHPMailer\Exception - Handles PHPMailer exceptions.
  • Twilio\Exceptions\ConfigurationException - Handles Twilio configuration errors.
  • Twilio\Rest\Client - Sends authentication codes via SMS.

Repository & Testing

You can check out the full source code on GitHub:

Swift2FA GitHub Repository

To ensure everything works perfectly, I created a full authentication system from scratch to test it:

Auth System for Testing