Secure Your Digital Life
with Zero-Knowledge 2FA.
An open-source, cross-platform authenticator that encrypts your secrets before they leave your device. You hold the keys, we just hold the encrypted data.
Why MyAuth?
Security Without Compromise
Built from the ground up with your privacy as the #1 priority.
Zero-Knowledge Architecture
We can't see your codes even if we wanted to. Your secrets are encrypted on your device using keys only you possess.
Secure Sync
Seamlessly sync your 2FA tokens across all your devices without compromising security. Lost your phone? Restore securely from the cloud.
Works Offline
No internet? No problem. Access your TOTP codes instantly, anywhere, anytime.
Features
Everything You Need
Packed with powerful features to keep your digital identity safe.
Biometric Lock
Secure your app access with Fingerprint or Face ID integration.
Easy Setup
Add accounts instantly by scanning QR codes or entering details manually.
Bring Your Own Server
Value privacy above all? Configure the app to use your own self-hosted backend.
Deep Link Support
Click otpauth:// links to automatically add accounts from other apps.
Standard Compliance
Generates RFC 6238 compliant codes (SHA1, SHA256, SHA512) supported by Google, GitHub, Amazon, and more.
Screen Shield
Built-in protection against screenshots and screen recording to prevent visual snooping.
Security Architecture
How We Keep You Safe
A multi-layered security approach that puts you in complete control.
Client-Side Hashing
Argon2idYour password never leaves your device in plain text. We use Argon2id, a memory-hard hashing algorithm, to derive your master key.
Military-Grade Encryption
AES-256 / RSA-2048RSA-2048 generates a unique key pair for your device. AES-GCM (256-bit) encrypts your private key locally using your master key.
Encrypted Transport
End-to-EndAll synchronization happens over HTTPS, but the payload itself is already encrypted. The server only sees blobs of ciphertext.
Secure Recovery
Recovery CodeLost your password? Recover access using a cryptographically generated Recovery Code that you (and only you) save during setup.
Take Full Control.
Don't trust our cloud? You don't have to. MyAuth is designed with a "Bring Your Own Server" architecture. Simply deploy the open-source backend on your own infrastructure and point the mobile app to your URL.
Complete data sovereignty is just a setting away.
Learn More About BYOSurl:https://myauth.yourdomain.com
encryption:client-side
sync:enabled
Your Server
Full data sovereignty
FAQ
Frequently Asked Questions
Got questions? We've got answers.
Technical Specifications
Framework
Flutter (Dart)
Encryption
AES-GCM, RSA-OAEP-SHA256
Hashing
Argon2id
Key Storage
Android Keystore / iOS Keychain
License
MIT / Open Source