Auth_Yubico PHP class

This project is deprecated and is no longer being maintained. For more information and guidance on how to implement Yubico OTP support in applications, see

The Yubico authentication PHP class provides an easy way to integrate the Yubikey into your existing PHP-based user authentication infrastructure. Installation is simple using PEAR.

The development community is co-ordinated via the Github project.


Make sure your PHP installation supports curl, and that you have installed PEAR. On Debian/Ubuntu systems:

apt-get install libapache2-mod-php5 php5-curl php-pear

Install the component by invoking:

pear install Auth_Yubico-latest.tgz


Make sure that you have read Using a YubiKey OTP library before continuing.

This is an example of how you can use the Yubico.php inside an HTML *.php file:

 require_once 'Auth/Yubico.php';
 $otp = "ccbbddeertkrctjkkcglfndnlihhnvekchkcctif";

 # Generate a new id+key from
 $yubi = new Auth_Yubico('42', 'FOOBAR=');
 $auth = $yubi->verify($otp);
 if (PEAR::isError($auth)) {
    print "<p>Authentication failed: " . $auth->getMessage();
    print "<p>Debug output from server: " . $yubi->getLastResponse();
 } else {
    print "<p>You are authenticated!";

API demo

Provided in the package is also a script demo.php that demonstrates how you may use the package.

Example site

There is also a complete example site that demonstrates one-factor and two-factor mode. It requires a database to store the username and passwords. Database schema is in example/db.sql and configuration for the database needs to go into example/config.php.

Modhex Calculator

This package also includes Modhex_Calculator.php, a web page illustrating how to work with the modhex encoding. It is deployed here


The project is licensed under a BSD license. See the file COPYING for exact wording. For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval.