cryptography has built-in two factor support now.
otpauth is One Time Password Authentication, which is usually called as two steps verification. You may have heard it from Google, Dropbox and etc.
Installing otpauth is simple with pip:
$ pip install otpauth
or, with easy_install:
$ easy_install otpauth
Generate and validate an otp code is very simple:
>>> from otpauth import OtpAuth >>> auth = OtpAuth('secret') # a secret string >>> auth.hotp() # generate a count based code, default count is 4 330810 >>> auth.valid_hotp(330810) 4 >>> auth.hotp(2) # generate a count based code, count is 2 720111 >>> auth.valid_hotp(720111) 2 >>> auth.totp() # generate a time based code 828657 >>> auth.valid_totp(828657) True
You can create a QR code for Google Authenticator to scan:
>>> from otpauth import OtpAuth >>> auth = OtpAuth('secret') # a secret string >>> s = auth.to_uri('totp', 'Example:firstname.lastname@example.org', 'Foo') >>> import qrcode >>> img = qrcode.make(s)