WHAT IS IT?
2FAuth is a self-hosted web app to manage your two-factor authentication accounts and generate their security codes. Think of it as a drop-in replacement for Google Authenticator, Authy or Microsoft Authenticator, but reachable from any browser (desktop or mobile) instead of being locked to a single phone.
WHY IS IT INTERESTING?
- Cross-device by design: Your 2FA codes are reachable from any browser. No more panic when switching phones or when the battery dies at the worst moment.
- Standards-compliant: RFC 4226 (HOTP) and RFC 6238 (TOTP) compliant, with Steam Guard support too. Works with any service that ships standard 2FA.
- Serious security: Optional encryption for sensitive data, WebAuthn support (Yubikey, Titan), auto-logout on inactivity, multi-user setup.
- Import/Export and API: Easy migration from other 2FA apps, REST API to integrate 2FAuth in your own tooling, browser extensions for Chrome and Firefox.
- Native QR code: Scan or decode QR images to add an account in two clicks, or fall back to manual entry when needed.
USE CASES
- Centralize all your 2FA accounts on a personal server (Docker, VPS, NAS) instead of relying on a Big Tech app.
- Share 2FA access across a team through a secure multi-user instance.
- Backup your TOTP tokens in case the phone is lost, stolen or broken.
- Integrate OTP generation into your own scripts and internal tools through the REST API.