diff --git a/src/BaseEntity.php b/src/BaseEntity.php
new file mode 100644
index 0000000000..66acab1bb0
--- /dev/null
+++ b/src/BaseEntity.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Friendica;
+
+use Friendica\Network\HTTPException;
+
+/**
+ * The Entity classes directly inheriting from this abstract class are meant to represent a single business entity.
+ * Their properties may or may not correspond with the database fields of the table we use to represent it.
+ * Each model method must correspond to a business action being performed on this entity.
+ * Only these methods will be allowed to alter the model data.
+ *
+ * To persist such a model, the associated Repository must be instantiated and the "save" method must be called
+ * and passed the entity as a parameter.
+ *
+ * Ideally, the constructor should only be called in the associated Factory which will instantiate entities depending
+ * on the provided data.
+ *
+ * Since these objects aren't meant to be using any dependency, including logging, unit tests can and must be
+ * written for each and all of their methods
+ */
+abstract class BaseEntity extends BaseDataTransferObject
+{
+	/**
+	 * @param string $name
+	 * @return mixed
+	 * @throws HTTPException\InternalServerErrorException
+	 */
+	public function __get(string $name)
+	{
+		if (!property_exists($this, $name)) {
+			throw new HTTPException\InternalServerErrorException('Unknown property ' . $name . ' in Entity ' . static::class);
+		}
+
+		return $this->$name;
+	}
+}
diff --git a/src/Security/TwoFactor/Collection/TrustedBrowsers.php b/src/Security/TwoFactor/Collection/TrustedBrowsers.php
new file mode 100644
index 0000000000..659e16a5b5
--- /dev/null
+++ b/src/Security/TwoFactor/Collection/TrustedBrowsers.php
@@ -0,0 +1,10 @@
+<?php
+
+namespace Friendica\Security\TwoFactor\Collection;
+
+use Friendica\BaseCollection;
+
+class TrustedBrowsers extends BaseCollection
+{
+
+}
diff --git a/src/Security/TwoFactor/Factory/TrustedBrowser.php b/src/Security/TwoFactor/Factory/TrustedBrowser.php
new file mode 100644
index 0000000000..f190474a62
--- /dev/null
+++ b/src/Security/TwoFactor/Factory/TrustedBrowser.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Friendica\Security\TwoFactor\Factory;
+
+use Friendica\BaseFactory;
+use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
+
+class TrustedBrowser extends BaseFactory
+{
+	public function createForUserWithUserAgent($uid, $userAgent): \Friendica\Security\TwoFactor\Model\TrustedBrowser
+	{
+		$trustedHash = Strings::getRandomHex();
+
+		return new \Friendica\Security\TwoFactor\Model\TrustedBrowser(
+			$trustedHash,
+			$uid,
+			$userAgent,
+			DateTimeFormat::utcNow()
+		);
+	}
+
+	public function createFromTableRow(array $row): \Friendica\Security\TwoFactor\Model\TrustedBrowser
+	{
+		return new \Friendica\Security\TwoFactor\Model\TrustedBrowser(
+			$row['cookie_hash'],
+			$row['uid'],
+			$row['user_agent'],
+			$row['created'],
+			$row['last_used']
+		);
+	}
+}
diff --git a/src/Security/TwoFactor/Model/TrustedBrowser.php b/src/Security/TwoFactor/Model/TrustedBrowser.php
new file mode 100644
index 0000000000..7acc237858
--- /dev/null
+++ b/src/Security/TwoFactor/Model/TrustedBrowser.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace Friendica\Security\TwoFactor\Model;
+
+use Friendica\BaseEntity;
+use Friendica\Util\DateTimeFormat;
+
+/**
+ * Class TrustedBrowser
+ *
+ *
+ * @property-read $cookie_hash
+ * @property-read $uid
+ * @property-read $user_agent
+ * @property-read $created
+ * @property-read $last_used
+ * @package Friendica\Model\TwoFactor
+ */
+class TrustedBrowser extends BaseEntity
+{
+	protected $cookie_hash;
+	protected $uid;
+	protected $user_agent;
+	protected $created;
+	protected $last_used;
+
+	/**
+	 * Please do not use this constructor directly, instead use one of the method of the TrustedBroser factory.
+	 *
+	 * @see \Friendica\Security\TwoFactor\Factory\TrustedBrowser
+	 *
+	 * @param string      $cookie_hash
+	 * @param int         $uid
+	 * @param string      $user_agent
+	 * @param string      $created
+	 * @param string|null $last_used
+	 */
+	public function __construct(string $cookie_hash, int $uid, string $user_agent, string $created, string $last_used = null)
+	{
+		$this->cookie_hash = $cookie_hash;
+		$this->uid = $uid;
+		$this->user_agent = $user_agent;
+		$this->created = $created;
+		$this->last_used = $last_used;
+	}
+
+	public function recordUse()
+	{
+		$this->last_used = DateTimeFormat::utcNow();
+	}
+}
diff --git a/src/Security/TwoFactor/Repository/TrustedBrowser.php b/src/Security/TwoFactor/Repository/TrustedBrowser.php
new file mode 100644
index 0000000000..6d708d3673
--- /dev/null
+++ b/src/Security/TwoFactor/Repository/TrustedBrowser.php
@@ -0,0 +1,98 @@
+<?php
+
+namespace Friendica\Security\TwoFactor\Repository;
+
+use Friendica\Security\TwoFactor\Model;
+use Friendica\Security\TwoFactor\Collection\TrustedBrowsers;
+use Friendica\Database\Database;
+use Friendica\Network\HTTPException\NotFoundException;
+use Psr\Log\LoggerInterface;
+
+class TrustedBrowser
+{
+	/** @var Database  */
+	protected $db;
+
+	/** @var LoggerInterface  */
+	protected $logger;
+
+	/** @var \Friendica\Security\TwoFactor\Factory\TrustedBrowser  */
+	protected $factory;
+
+	protected static $table_name = '2fa_trusted_browser';
+
+	public function __construct(Database $database, LoggerInterface $logger, \Friendica\Security\TwoFactor\Factory\TrustedBrowser $factory = null)
+	{
+		$this->db = $database;
+		$this->logger = $logger;
+		$this->factory = $factory ?? new \Friendica\Security\TwoFactor\Factory\TrustedBrowser($logger);
+	}
+
+	/**
+	 * @param string $cookie_hash
+	 * @return Model\TrustedBrowser|null
+	 * @throws \Exception
+	 */
+	public function selectOneByHash(string $cookie_hash): Model\TrustedBrowser
+	{
+		$fields = $this->db->selectFirst(self::$table_name, [], ['cookie_hash' => $cookie_hash]);
+		if (!$this->db->isResult($fields)) {
+			throw new NotFoundException('');
+		}
+
+		return $this->factory->createFromTableRow($fields);
+	}
+
+	public function selectAllByUid(int $uid): TrustedBrowsers
+	{
+		$rows = $this->db->selectToArray(self::$table_name, [], ['uid' => $uid]);
+
+		$trustedBrowsers = [];
+		foreach ($rows as $fields) {
+			$trustedBrowsers[] = $this->factory->createFromTableRow($fields);
+		}
+
+		return new TrustedBrowsers($trustedBrowsers);
+	}
+
+	/**
+	 * @param Model\TrustedBrowser $trustedBrowser
+	 * @return bool
+	 * @throws \Exception
+	 */
+	public function save(Model\TrustedBrowser $trustedBrowser): bool
+	{
+		return $this->db->insert(self::$table_name, $trustedBrowser->toArray(), $this->db::INSERT_UPDATE);
+	}
+
+	/**
+	 * @param Model\TrustedBrowser $trustedBrowser
+	 * @return bool
+	 * @throws \Exception
+	 */
+	public function remove(Model\TrustedBrowser $trustedBrowser): bool
+	{
+		return $this->db->delete(self::$table_name, ['cookie_hash' => $trustedBrowser->cookie_hash]);
+	}
+
+	/**
+	 * @param int    $local_user
+	 * @param string $cookie_hash
+	 * @return bool
+	 * @throws \Exception
+	 */
+	public function removeForUser(int $local_user, string $cookie_hash): bool
+	{
+		return $this->db->delete(self::$table_name, ['cookie_hash' => $cookie_hash,'uid' => $local_user]);
+	}
+
+	/**
+	 * @param int $local_user
+	 * @return bool
+	 * @throws \Exception
+	 */
+	public function removeAllForUser(int $local_user): bool
+	{
+		return $this->db->delete(self::$table_name, ['uid' => $local_user]);
+	}
+}
diff --git a/tests/src/Security/TwoFactor/Factory/TrustedBrowserTest.php b/tests/src/Security/TwoFactor/Factory/TrustedBrowserTest.php
new file mode 100644
index 0000000000..5b2b6111c9
--- /dev/null
+++ b/tests/src/Security/TwoFactor/Factory/TrustedBrowserTest.php
@@ -0,0 +1,62 @@
+<?php
+
+namespace Friendica\Test\src\Security\TwoFactor\Factory;
+
+use Friendica\Security\TwoFactor\Factory\TrustedBrowser;
+use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Logger\VoidLogger;
+use Friendica\Util\Strings;
+
+class TrustedBrowserTest extends \PHPUnit_Framework_TestCase
+{
+	public function testCreateFromTableRowSuccess()
+	{
+		$factory = new TrustedBrowser(new VoidLogger());
+
+		$row = [
+			'cookie_hash' => Strings::getRandomHex(),
+			'uid' => 42,
+			'user_agent' => 'PHPUnit',
+			'created' => DateTimeFormat::utcNow(),
+			'last_used' => null,
+		];
+
+		$trustedBrowser = $factory->createFromTableRow($row);
+
+		$this->assertEquals($row, $trustedBrowser->toArray());
+	}
+
+	public function testCreateFromTableRowMissingData()
+	{
+		$this->expectException(\TypeError::class);
+
+		$factory = new TrustedBrowser(new VoidLogger());
+
+		$row = [
+			'cookie_hash' => null,
+			'uid' => null,
+			'user_agent' => null,
+			'created' => null,
+			'last_used' => null,
+		];
+
+		$trustedBrowser = $factory->createFromTableRow($row);
+
+		$this->assertEquals($row, $trustedBrowser->toArray());
+	}
+
+	public function testCreateForUserWithUserAgent()
+	{
+		$factory = new TrustedBrowser(new VoidLogger());
+
+		$uid = 42;
+		$userAgent = 'PHPUnit';
+
+		$trustedBrowser = $factory->createForUserWithUserAgent($uid, $userAgent);
+
+		$this->assertNotEmpty($trustedBrowser->cookie_hash);
+		$this->assertEquals($uid, $trustedBrowser->uid);
+		$this->assertEquals($userAgent, $trustedBrowser->user_agent);
+		$this->assertNotEmpty($trustedBrowser->created);
+	}
+}
diff --git a/tests/src/Security/TwoFactor/Model/TrustedBrowserTest.php b/tests/src/Security/TwoFactor/Model/TrustedBrowserTest.php
new file mode 100644
index 0000000000..d895273744
--- /dev/null
+++ b/tests/src/Security/TwoFactor/Model/TrustedBrowserTest.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace Friendica\Test\src\Security\TwoFactor\Model;
+
+use Friendica\Security\TwoFactor\Model\TrustedBrowser;
+use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
+
+class TrustedBrowserTest extends \PHPUnit_Framework_TestCase
+{
+	public function test__construct()
+	{
+		$hash = Strings::getRandomHex();
+
+		$trustedBrowser = new TrustedBrowser(
+			$hash,
+			42,
+			'PHPUnit',
+			DateTimeFormat::utcNow()
+		);
+
+		$this->assertEquals($hash, $trustedBrowser->cookie_hash);
+		$this->assertEquals(42, $trustedBrowser->uid);
+		$this->assertEquals('PHPUnit', $trustedBrowser->user_agent);
+		$this->assertNotEmpty($trustedBrowser->created);
+	}
+
+	public function testRecordUse()
+	{
+		$hash = Strings::getRandomHex();
+		$past = DateTimeFormat::utc('now - 5 minutes');
+
+		$trustedBrowser = new TrustedBrowser(
+			$hash,
+			42,
+			'PHPUnit',
+			$past,
+			$past
+		);
+
+		$trustedBrowser->recordUse();
+
+		$this->assertEquals($past, $trustedBrowser->created);
+		$this->assertGreaterThan($past, $trustedBrowser->last_used);
+	}
+}