This module will allow you to add Time-based One-time Password algorithm (TOTP, also called "Two-Factor Authentication - TFA" or "Multi-Factor Authentication - MFA") support to user logins. It works with Google's Authenticator, Authy, FreeOTP and any other TOTP-based authenticator applications. It also supports the HMAC-based One-time Password algorithm (HOTP).

Drupal 8 and 9 - NO LONGER SUPPORTED!

The Drupal 8 and 9 version of this module used to provide a TOTP/HOTP plugin for the Two-Factor Authenticator module.

That functionality has been merged into that module, and removed from this one, emptying it completely. It is recommended to remove this module from any running site, and use instead an updated version of the TFA module.

Drupal 7

The Drupal 7 version of this module provides a standalone TFA implementation. It has less usage than the TFA Basic plugins module, which provides the equivalent plugin for Drupal 7. The TFA Basic plugins module is the recommended solution for TOTP tokens in Drupal 7.

The Drupal 7 module is minimally maintained. There won't be any new features, and even major bugs will probably not be fixed anymore. In other words, consider this version almost unsupported.

If you want to protect uid 1, you have to enable the option 'Protect my account with two-factor-authentication' on user/1/edit!

Drupal 7 Recommended Modules

This module now supports both QR Codes and Mobile Codes, although we recommend using Mobile Codes, because it has more flexibility (there is a default preset for Mobile Codes which can be altered to your need: different providers and adjustable options per provider).

Supporting organizations: 
Attiks
1xINTERNET
D8 and D9 support

Project information

Releases

7.x-1.7 Stable release covered by the Drupal Security Team released 14 August 2015
Works with Drupal: 7.x

Development version: 7.x-1.x-dev updated 14 Aug 2015 at 14:03 UTC

Using Composer to manage Drupal site dependencies