Auth_Yubico PHP class

The Yubico authentication PHP class provides an easy way to integrate the Yubikey into your existing PHP-based user authentication infrastructure. Installation is simple using PEAR.

The development community is co-ordinated via the Github project.


Make sure your PHP installation supports curl, and that you have installed PEAR. On Debian/Ubuntu systems:

apt-get install libapache2-mod-php5 php5-curl php-pear

Install the component by invoking:

pear install Auth_Yubico-2.6.tgz


Make sure that you have read Using a YubiKey OTP library before continuing.

This is an example of how you can use the Yubico.php inside an HTML *.php file:

 require_once 'Auth/Yubico.php';
 $otp = "ccbbddeertkrctjkkcglfndnlihhnvekchkcctif";

 # Generate a new id+key from
 $yubi = new Auth_Yubico('42', 'FOOBAR=');
 $auth = $yubi->verify($otp);
 if (PEAR::isError($auth)) {
    print "<p>Authentication failed: " . $auth->getMessage();
    print "<p>Debug output from server: " . $yubi->getLastResponse();
 } else {
    print "<p>You are authenticated!";

API demo

Provided in the package is also a script demo.php that demonstrates how you may use the package. The script is deployed here.

Example site

There is also a complete example site that demonstrates one-factor and two-factor mode. It requires a database to store the username and passwords. Database schema is in example/db.sql and configuration for the database needs to go into example/config.php.

The example site is deployed here.

Modhex Calculator

This package also includes Modhex_Calculator.php, a web page illustrating how to work with the modhex encoding. It is deployed here


The project is licensed under a BSD license. See the file COPYING for exact wording. For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval.