npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

better-auth-backup-codes

v0.0.1

Published

Backup codes plugin for Better Auth - Recovery codes for two-factor authentication

Downloads

2

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

koistyakoistya

Keywords

better-authauthauthenticationbackup-codesrecovery-codes2fatwo-factorsecurity

Readme

better-auth-backup-codes

Backup codes plugin for Better Auth - Recovery codes for two-factor authentication

Status

⚠️ Work in Progress - This package is under active development and not yet ready for production use.

Features (Planned)

  • 🔑 Recovery Codes - Generate secure backup codes for account recovery
  • 🔐 Cryptographically Secure - Use CSPRNG for code generation
  • 📊 Usage Tracking - Track which codes have been used
  • 🔄 Regeneration - Allow users to regenerate codes when needed
  • 📥 Download Options - Let users download codes as PDF or text
  • 🖨️ Print-friendly - Formatted for easy printing and storage
  • ⚠️ Low Code Warnings - Alert users when running low on codes
  • 🔒 Secure Storage - Hashed storage with proper salting
  • 📱 2FA Integration - Seamless integration with two-factor auth

Installation

npm install better-auth-backup-codes

Usage (Coming Soon)

import { betterAuth } from "better-auth";
import { backupCodes } from "better-auth-backup-codes";

const auth = betterAuth({
  plugins: [
    backupCodes({
      // Code generation settings
      codes: {
        count: 10, // Number of codes to generate
        length: 8, // Length of each code
        format: "XXXX-XXXX", // Code format (X = alphanumeric)
        charset: "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
      },
      // Security settings
      security: {
        hashCodes: true, // Store hashed instead of plain text
        oneTimeUse: true, // Each code can only be used once
        requireCurrentPassword: true, // Require password to view codes
        notifyOnUse: true, // Notify user when backup code is used
      },
      // Warnings and limits
      warnings: {
        lowCodeThreshold: 3, // Warn when only 3 codes remain
        forceRegenerate: 0, // Force regeneration when 0 codes remain
      },
      // Events
      onCodeUsed: async (user, code) => {
        // Send notification email
        console.log(`Backup code used for user ${user.id}`);
      },
      onCodesRegenerated: async (user) => {
        // Log regeneration event
      },
      onLowCodes: async (user, remaining) => {
        // Alert user about low codes
      },
    }),
  ],
});

Security Best Practices

  • Store backup codes securely (hashed with salt)
  • Require current authentication to view/regenerate codes
  • Notify users immediately when a backup code is used
  • Encourage users to store codes in a safe place
  • Consider requiring backup codes for high-privilege accounts
  • Implement rate limiting on backup code attempts

License

MIT