It's all about security.
AuthTwo protects your accounts with encrypted TOTP codes, secure cross-device sync and a design built for speed.
Your codes, always within reach
The AuthTwo desktop app lives in your menu bar. One keyboard shortcut is all it takes to open it, copy a code and get back to work.
- Always-available floating window
- Configurable global keyboard shortcut
- One-click encrypted sync
- Available on macOS & Windows
Everything you need, nothing more
Built to be fast, reliable and secure from day one.
Standard TOTP
Compatible with all services (GitHub, Google, Discord…). Local generation compliant with RFC 6238, no intermediary server.
Encrypted sync
Sync your accounts between iOS, Android and Desktop with end-to-end AES-CBC encryption. Only your password can unlock them.
Secure storage
Your secrets are encrypted and stored in the OS secure enclave on every platform. Never in plaintext on disk.
Desktop app
Native macOS and Windows app with menu bar icon, global shortcut and always-available floating window.
QR code import
Add accounts by scanning a QR code, importing a file, or entering them manually. Encrypted export included.
Self-hosting
Connect via your own AuthTwo server. Your data transits only through your infrastructure, with no third-party dependency.
Zero telemetry
No diagnostic data, no tracking, no mandatory cloud dependency. AuthTwo contacts no external server without your explicit consent.
Designed to never betray you
Every architectural decision in AuthTwo starts from a single principle: your secrets never leave your control.
End-to-end encryption
Your secrets are encrypted with AES-256 before leaving the device. The encryption key is derived from your password via PBKDF2 — the sync server only ever receives ciphertext.
OS secure enclave
On mobile, secrets are stored in the Secure Enclave (iOS) or Keystore (Android). On desktop, in the Keychain via safeStorage. Never in plaintext on disk.
Biometric unlock
Face ID, Touch ID or Android fingerprint protect access to the app. Biometrics do not replace encryption; they gate access to it.
No telemetry
AuthTwo collects no diagnostic or usage data. Zero network calls without your explicit action.
Offline codes
TOTP codes are computed locally per RFC 6238. No network needed — they work even on a plane.
Trustless sync
The sync server is blind: it stores only encrypted blobs it cannot decrypt.
On all your devices
A consistent experience on iOS, Android, macOS and Windows.