Django application that allows user authentication with two steps for additional security. The a first step with username and password and a second step with a one-time code such as the codes generated by soft token devices like [Google Authenticator][goog_auth].


  • Authentication with TOTP (Time-Based One-Time Password)
  • Authentication HOTP (HMAC-Based One-Time Password)
  • Support for the login in the admin site
  • Selective activation of two-step for the admin site, the main site or both
  • Support for authentication backup codes
  • Automatic adjustment for clock synchronization issues

Details on the installation and setup can be found in docs/install.rst. An example application is provided for two-step authentication integrated with django-registration and django-profiles.

[goog_auth] http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447