skip to navigation
skip to content

django-two-factor-auth 0.3.1

Complete Two-Factor Authentication for Django

Latest Version: 1.7.0

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django’s built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google’s Two-Step Authentication, allowing users to authenticate through call, text messages (SMS) or by using a token generator app like Google Authenticator.

I would love to hear your feedback on this package. If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is currently translated into English, Dutch, Hebrew and Arabic. Please contribute your own language using Transifex.

Test drive this app through the online example app, hosted by Heroku. It demos most features except the Twilio integration. The example also includes django-user-sessions for providing Django sessions with a foreign key to the user. Although the package is optional, it improves account security control over django.contrib.sessions.

Compatible with Django 1.4, 1.5 and 1.6 on Python 2.6, 2.7, 3.2 and 3.3. Documentation is available at


Installation with pip:

$ pip install django-two-factor-auth

Add the following apps to the INSTALLED_APPS:


Add django_otp.middleware.OTPMiddleware to MIDDLEWARE_CLASSES. It must be installed after AuthenticationMiddleware:


Configure a few urls:

from django.core.urlresolvers import reverse_lazy
LOGIN_URL = reverse_lazy('two_factor:login')

Add the url routes:

urlpatterns = patterns('',
    url(r'', include('two_factor.urls', 'two_factor')),

Be sure to remove any other login routes, otherwise the two-factor authentication might be circumvented. The admin interface should be automatically patched to use the new login method.


  • Submit issues to the issue tracker on Github
  • Fork the source code at Github
  • Run the tests.
  • Send a pull request with your changes.
  • Provide a translation using Transifex.

Running tests

This project aims for full code-coverage, this means that your code should be well-tested. Also test branches for hardened code. You can run the full test suite with:

make test

Or run a specific test with:

make test TARGET=tests.tests.TwilioGatewayTest

For Python compatibility, tox is used. You can run the full test suite with:


See Also

Have a look at django-user-sessions for Django sessions with a foreign key to the user. This package is also included in the online example app.


The project is licensed under the MIT license.

File Type Py Version Uploaded on Size
django-two-factor-auth-0.3.1.tar.gz (md5) Source 2014-01-19 39KB