TwoFactorAuthenticator 1.1.2

.NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher. .NET Framework 4.7.2 This package targets .NET Framework 4.7.2. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package TwoFactorAuthenticator --version 1.1.2
                    


                    

                
NuGet\Install-Package TwoFactorAuthenticator -Version 1.1.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="TwoFactorAuthenticator" Version="1.1.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="TwoFactorAuthenticator" Version="1.1.2" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="TwoFactorAuthenticator" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add TwoFactorAuthenticator --version 1.1.2
                    


                    

                
#r "nuget: TwoFactorAuthenticator, 1.1.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package TwoFactorAuthenticator@1.1.2
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=TwoFactorAuthenticator&version=1.1.2
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=TwoFactorAuthenticator&version=1.1.2
                    


                            Install as a Cake Tool

TwoFactorAuthenticator

Simple, easy to use server-side/desktop two-factor authentication library for .NET that works with authenticator apps e.g. from Google, from Microsoft, Authy or LastPass.

Build Status NuGet Version NuGet Downloads

Install-Package TwoFactorAuthenticator

Usage

Also see additional example projects at

key should be stored by your application for future authentication and shouldn't be regenerated for each request. The process of storing the private key is outside the scope of this library and is the responsibility of the application.

Generate setup code

using TwoFactorAuthenticator;
using TwoFactorAuthenticator.QrCoder;

string key = Guid.NewGuid().ToString().Replace("-", "").Substring(0, 10);

Authenticator tfa = new Authenticator();
QrCoderSetupCodeGenerator qrscg = new QrCoderSetupCodeGenerator { PixelsPerModule = 3 };

SetupCode setupInfo = tfa.GenerateSetupCode("Test Two Factor", "user@example.com", key, false);

string qrCodeImageUrl = setupInfo.GenerateQrCodeUrl(qrscg);

using (MemoryStream ms = new MemoryStream(setupCode.GetQrCodeImageData(qrscg)))
{
    qrCodePictureBox.Image = Image.FromStream(ms);
}

this.setupInfo.Text = "Account: " + setupCode.Account + System.Environment.NewLine +
                      "Encoded Key: " + setupCode.ManualEntryKey;

Generation

Authenticator tfa = new Authenticator();
PasswordToken token = tfa.GetCurrentPIN(key);
using (var unsafeToken = UnsafeToken.FromPasswordToken(token))
{
    string pin = unsafeToken.ToString();
}

Verification

// demo example: holding the code in memory is unsafe
byte[] digits = { 0, 1, 2, 3, 4, 5 };

Authenticator tfa = new Authenticator();
PasswordToken token = new PasswordToken();

// perform append when a single digit is entered by user
for (int i = 0; i < 6; i++)
    result.AppendDigit(digits[i]);

bool result = tfa.ValidateTwoFactorPIN(key, token);

History

1.1.2

  • see Issue #31: Addressed a problem of PasswordToken.FromPassCode with codes having leading zeros.

1.1.1

  • see PR #14: Updated System.Security.Cryptography.ProtectedData from 6.0.0 to 7.0.1.

1.1.0

  • Breaking changes:
    • TwoFactorAuthenticator should not be named like its namespace (created collision); new name is just Authenticator
    • Changed interface to use secured PasswordToken instead of primitive string
  • Introduced UnsafeToken for generation / UI purposes
  • Introduced FactorControl for WinForms

1.0.1

  • Forked and separated into two packages
  • Lowest supported versions are now netstandard2.0 and .Net 4.7.2.

Common Pitfalls

  • Ideally use PasswordToken.FromPassCode methods for low security, demonstration or test purposes only. Using this methods implies the passcode is held somewhere in memory by your code. This is most likely to be completely unprotected.

  • Don't use the secret key and ManualEntryKey interchangeably. ManualEntryKey is used to enter into the authenticator app when scanning a QR code is impossible and is derived from the secret key (discussion example)

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 is compatible.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (3)

Showing the top 3 NuGet packages that depend on TwoFactorAuthenticator:

Package Downloads
TwoFactorAuthenticator.QrCoder

Two-Factor authentication library - QR code generator.
TwoFactorAuthenticator.WinForms

Two-Factor authentication library - Windows.Forms controls
TwoFactorAuthenticator.Presentation

Two-Factor authentication library - Windows Presentation Foundation controls

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.2.1 186 2/10/2026
1.2.0 556 10/30/2024
1.1.2 114 10/29/2024
1.1.0 2,912 10/7/2022
1.0.1 746 8/30/2022
1.0.0 772 8/30/2022

- Addressed a problem with creation of PasswordToken having leading zeros.
     - Updated System.Security.Cryptography.ProtectedData from 6.0.0 to 7.0.1.