Librairie en Php sous licence GNU LGPL qui implémente beaucoup de protocoles One Time Password (OTP) et qui est certifiée par le consortium Open AuTHentication (OATH) pour ses implémentation HOTP et TOTP. Dernière version observée 5.9.6.5 du 2023-07-07.

• https://github.com/multiOTP/multiotp
• https://github.com/multiOTP/multiotp/wiki

The multiOTP class can be used alone (for example to have strong authentication for your PHP based web application), as a command line tool (to handle users and have strong authentication using command line), as a web service (to provide centralized authentication for a client/server installation) or finally coupled with a radius server like TekRADIUS or FreeRADIUS to be able to have a strong two factor authentication through the RADIUS protocol for external devices like for example firewalls or captive portals.

The multiOTP class supports currently the following algorithms and RFC's:

• RFC 1994 CHAP (Challenge Handshake Authentication Protocol)
• RFC 2433 MS-CHAP (Microsoft PPP CHAP Extensions)
• RFC 2487 SMTP Service Extension for Secure SMTP over TLS
• RFC 2759 MS-CHAPv2 (Microsoft PPP CHAP Extensions, Version 2)
• RFC 2821 SMTP (Simple Mail Transfer Protocol)
• RFC 4226 OATH/HOTP (HOTP: An HMAC-Based One-Time Password Algorithm)
• RFC 5424 Syslog Protocol (client)
• RFC 6030 PSKC (Additional Portable Symmetric Key Container Algorithm Profiles)
• RFC 6238 OATH/TOTP (TOTP: Time-Based One-Time Password Algorithm)
• Yubico OTP (http://yubico.com/yubikey)
• mOTP (http://motp.sourceforge.net)
• OATH/HOTP or OATH/TOTP, base32/hex/raw seed, QRcode provisioning (FreeOTP, Google Authenticator, …)
• SMS tokens (using Afilnet, aspsms, Clickatell, eCall, IntelliSMS, Nexmo, NowSMS, SMSEagle, Swisscom LA REST, Telnyx, any custom provider, your own script)
• TAN (emergency scratch passwords)