Adminer - OTP (2FA)

To require a One-time password (Two-factor authentication) for logging to Adminer:

  1. Scan this QR code to Google Authenticator or a similar application.
    QR code

  2. Download plugin.php and login-otp.php.

  3. Create this file:
    function adminer_object() {
    	include_once "./plugin.php";
    	include_once "./login-otp.php";
    	$plugins = array(
    		new AdminerLoginOtp(base64_decode('/4X4XluZut2/tw==')),
    	return new AdminerPlugin($plugins);
    // store original adminer.php somewhere not accessible from web
    include "../not-accessible-from-web/adminer.php";

  4. Then access Adminer via this file.
    Adminer login form

  5. Enter the OTP generated by the app (6 digits). OTP is derived from the current time so it's important to have the correct time on the phone and on the server.


Issuer: User:

Note: The unique secret was randomly generated on this server (and not stored anywhere). You might want to generate the secret and the QR code without using third-party, e.g. with a library or simple functions.