Recovery Laravel Package

pragmarx/recovery

Generate customizable recovery/backup codes for 2FA account recovery. Create arrays, JSON, or (Laravel) Collections, and tune how many codes to make plus blocks and characters per block for your preferred format and length.

Product Decisions This Supports

  • Enhancing Security: Justifies investment in 2FA (Two-Factor Authentication) for user accounts, reducing fraud risk and improving compliance with security standards (e.g., GDPR, PCI-DSS).
  • Roadmap Prioritization: Aligns with a phased security rollout (e.g., "Q3: Implement 2FA for admin users; Q4: Extend to all users").
  • Build vs. Buy: Avoids reinventing the wheel for recovery code generation, saving dev time (~2-4 weeks) and reducing technical debt.
  • Use Cases:
    • High-risk applications (finance, healthcare, SaaS platforms).
    • User onboarding flows where friction must be balanced with security.
    • Legacy system upgrades needing modern auth without full overhauls.

When to Consider This Package

  • Adopt if:
    • Your app requires TOTP (Time-Based OTP) + recovery codes for 2FA.
    • You’re using Laravel and want a lightweight, MIT-licensed solution.
    • Your team lacks cryptography expertise (package handles secure random generation and HMAC validation).
    • You need backward compatibility (supports Laravel 5.5+).
  • Look elsewhere if:
    • You need SMS/email-based recovery (this is recovery codes, not channels).
    • Your stack isn’t PHP/Laravel (e.g., Node.js, Python).
    • You require enterprise-grade audit logs or hardware key (YubiKey) support (consider Auth0, Duo, or Firebase Auth).
    • The last release (2021) conflicts with your long-term maintenance needs (evaluate forks or alternatives like laravel-breeze’s 2FA).

How to Pitch It (Stakeholders)

For Executives: "This package lets us add bank-grade 2FA recovery codes with minimal dev effort—think of it as a ‘security shield’ for user accounts. For ~$0 cost, we reduce fraud risk without disrupting the user experience. Competitors like [X] charge $50+/user/year for similar features. Let’s pilot this for admins first, then scale."

For Engineering: "We’re adding recovery codes for 2FA using pragmarx/recovery. It’s a 50-line Laravel integration that handles:

  • Secure code generation (cryptographically random).
  • HMAC validation (prevents tampering).
  • Laravel session integration (no extra DB schema needed).

Pros: Lightweight, MIT license, active community. Cons: No SMS/email recovery (we’ll handle that separately). Estimated dev time: 1-2 days for MVP."