2FAuth
Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
Alternative to: google authenticator, authy, microsoft authenticator
2FAuth is a web-based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop use. It lets you scan QR codes, organize accounts into groups, and generate TOTP, HOTP, and Steam Guard security codes, with optional data encryption and WebAuthn security-key login.
2FAuth Docker Compose example
Self-host 2FAuth on your own server, homelab, or VPS starting from this Docker Compose example.
It runs 2FAuth in Docker containers using the official 2fauth/2fauth:latest image, with persistent volumes and automatic restarts preconfigured.
Review the environment variables and adjust them to your setup, save the file as compose.yml (or docker-compose.yml), and start the stack with docker compose up -d.
services:
2fauth:
image: 2fauth/2fauth:latest
volumes:
- data:/2fauth
restart: unless-stopped
environment:
# Display name of this 2FAuth instance, shown in the UI.
APP_NAME: "2FAuth"
# Application environment: "production" for a live instance, "local" for testing.
APP_ENV: "production"
# Enable verbose error screens. Keep "false" outside of debugging.
APP_DEBUG: "false"
# Full public URL where 2FAuth is reached. Used to build links and asset URLs.
APP_URL: "http://localhost:8000"
# Laravel encryption key protecting stored secrets. Must be a 32-byte key
# prefixed with "base64:". Generate a unique value per install and keep it stable.
APP_KEY: "base64:ppkbvJDIlKDv+HgCcgqHtN1gcvbYCDDSU7Y1Y0wBwqg="
# Database backend. "sqlite" keeps everything in the mounted volume with no extra service.
DB_CONNECTION: "sqlite"
# IANA timezone used for timestamps throughout the app.
APP_TIMEZONE: "UTC"
volumes:
data: Prefer a managed setup? WinterFlow installs, configures, and updates 2FAuth for you using this same Docker Compose configuration.