Open-source TOTP/HOTP for Android — encrypted local vault, exportable backups.
Best evidence tier. Signup tested end-to-end by xmr.club curator: deposit + withdrawal + edge cases. No-KYC posture verified at retail volume. Last verified within 12 months.
Full rubric + 7-step verification walkthrough at /methodology.
Aegis Authenticator is the canonical privacy-respecting TOTP/HOTP app for Android: an open-source second-factor manager that stores your authenticator tokens in an encrypted local vault, supports JSON backups under your control, imports from most competing apps, and never phones home. Listed at Grade A because Aegis occupies the drop-in-replacement-for-Google-Authenticator slot with three structural improvements: an encrypted vault (Google's app does not encrypt its token store), exportable backups (Google's app went years without any export path, and the backup it eventually added is account-tied cloud sync), and zero cloud dependency (your tokens stay on your device).
Background. Aegis Authenticator was created by Alex Bakker (with a community contributor team) and has been actively developed since 2019. The project is open source under GPLv3 with the codebase at github.com/beemdevelopment/Aegis. Available on F-Droid (the canonical Android free-software store) and Google Play Store with identical signed builds. No iOS version — Apple's App Store policies and the team's resource constraints have kept Aegis Android-only; for iOS, the closest functional equivalent is Raivo (defunct) or Ente Auth (which has cross-platform builds — listed separately at xmr.club). Funded entirely by donations + contributor labour; no commercial entity behind the project, no SaaS upsell.
What you trust. Local-only storage: your TOTP secrets stay on your device, encrypted in the Aegis vault file. Aegis has no backend; there is no Aegis-operated server. Vault encryption: the vault is encrypted with AES-256-GCM under a random master key, and that master key is in turn wrapped by one or more "slots"; the password slot derives its wrapping key from your passphrase with scrypt (memory-hard, so GPU/ASIC brute-force against the passphrase is expensive). Biometric unlock: fingerprint/face on Android adds a second slot whose wrapping key is held by the OS keystore; the biometric is a UX shortcut on top of the passphrase, not a replacement for it, and the passphrase slot stays in place. Open-source codebase with reproducible-build documentation: anyone can audit the source, and the releases can be rebuilt and compared against the published APK. If you want to confirm that the Play and F-Droid builds really are the same signed artifact, compare the signing-certificate fingerprints of both APKs with apksigner verify --print-certs. No phoning home: the app ships no analytics SDKs, requests no unnecessary permissions, and does not request the Android INTERNET permission at all; even the optional service icons come from icon packs you download and import yourself, not from a network fetch by the app. Export format is JSON: the export is a documented JSON schema, encrypted with the vault password, and the project repository includes a small reference Python script for decrypting it offline, so your secrets are not locked to Aegis. What you don't trust: cloud sync, because Aegis has none. If you want cross-device sync, you handle it via your existing file-sync mechanism (Nextcloud, Syncthing, manual export-and-import). This is intentional: there is no Aegis cloud to compromise.
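The slot-wrapped vault layout described above, as an added example written for this page: it is not the project's own decrypt.py or any other Aegis code. It builds a vault file in the documented encrypted-JSON shape (one password slot, scrypt, AES-256-GCM over a random master key) and then decrypts it again, so the reader can see exactly which fields a passphrase has to open. It assumes the cryptography package is installed and uses scrypt N=2^15, r=8, p=1; the db version number, the sample entry and the passphrases are constructed for illustration.

```python
import base64
import hashlib
import json
import os
import uuid

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# scrypt cost parameters for the password slot (N=2^15, r=8, p=1 assumed here).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 15, 8, 1
SLOT_PASSWORD = 1  # slot types: 0 raw, 1 password, 2 biometric (wrapped by the Android keystore)


def derive_slot_key(password: str, salt: bytes, n: int, r: int, p: int) -> bytes:
    """Passphrase -> 32-byte wrapping key. N=2^15, r=8 needs 32 MiB of scratch, which
    exceeds hashlib's default maxmem, so the limit is raised explicitly."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                          maxmem=256 * 1024 * 1024, dklen=32)


def build_vault(password: str, entries: list) -> dict:
    """Encrypt `entries` into the encrypted-JSON layout: a random master key protects the
    db, and a password slot protects the master key. Constructed for illustration."""
    master = os.urandom(32)
    salt = os.urandom(32)
    key_nonce, db_nonce = os.urandom(12), os.urandom(12)
    slot_key = derive_slot_key(password, salt, SCRYPT_N, SCRYPT_R, SCRYPT_P)
    wrapped = AESGCM(slot_key).encrypt(key_nonce, master, None)  # ciphertext || 16-byte tag
    db_plain = json.dumps({"version": 2, "entries": entries}).encode("utf-8")
    db_ct = AESGCM(master).encrypt(db_nonce, db_plain, None)
    return {
        "version": 1,
        "header": {
            "slots": [{
                "type": SLOT_PASSWORD,
                "uuid": str(uuid.uuid4()),
                "key": wrapped[:-16].hex(),
                "key_params": {"nonce": key_nonce.hex(), "tag": wrapped[-16:].hex()},
                "n": SCRYPT_N, "r": SCRYPT_R, "p": SCRYPT_P,
                "salt": salt.hex(),
                "repaired": True,
                "is_backup": False,
            }],
            "params": {"nonce": db_nonce.hex(), "tag": db_ct[-16:].hex()},
        },
        "db": base64.b64encode(db_ct[:-16]).decode("ascii"),
    }


def decrypt_vault(vault: dict, password: str) -> dict:
    """Try every password slot; the first whose GCM tag verifies yields the master key."""
    header = vault["header"]
    for slot in header["slots"]:
        if slot["type"] != SLOT_PASSWORD:
            continue  # biometric/raw slots cannot be opened with a passphrase offline
        slot_key = derive_slot_key(password, bytes.fromhex(slot["salt"]),
                                   slot["n"], slot["r"], slot["p"])
        kp = slot["key_params"]
        try:
            master = AESGCM(slot_key).decrypt(
                bytes.fromhex(kp["nonce"]),
                bytes.fromhex(slot["key"]) + bytes.fromhex(kp["tag"]), None)
        except InvalidTag:
            continue  # wrong passphrase for this slot
        params = header["params"]
        plaintext = AESGCM(master).decrypt(
            bytes.fromhex(params["nonce"]),
            base64.b64decode(vault["db"]) + bytes.fromhex(params["tag"]), None)
        return json.loads(plaintext)
    raise ValueError("no password slot accepted the passphrase")


# Constructed sample entry; the secret is the well-known base32 test value, not a real token.
SAMPLE_ENTRIES = [{
    "type": "totp", "uuid": str(uuid.uuid4()), "name": "alice@example.com", "issuer": "Example",
    "note": "", "icon": None,
    "info": {"secret": "JBSWY3DPEHPK3PXP", "algo": "SHA1", "digits": 6, "period": 30},
}]


def roundtrip(password: str = "correct horse battery staple") -> list:
    """Build a vault, decrypt it with the same passphrase, and return the recovered entries."""
    return decrypt_vault(build_vault(password, SAMPLE_ENTRIES), password)["entries"]


if __name__ == "__main__":
    print(json.dumps(roundtrip(), indent=2))
```

A biometric slot would be a second entry in `slots` wrapping the same master key under a keystore-held AES key; that is why biometric unlock adds no strength beyond the passphrase slot sitting beside it, and why an exported vault is exactly as strong as the passphrase that slot was derived from.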
Operational specs. Platform: Android only; F-Droid (canonical), Google Play (same signed APK), direct APK download from getaegis.app. Token types: TOTP (RFC 6238, the standard 6-digit-every-30-second tokens), HOTP (RFC 4226, counter-based, less common), Steam Guard (Valve's variant), Yandex (Russian variant). Algorithms: SHA-1, SHA-256, SHA-512. Digit lengths: 6, 7, 8 digit codes. Custom periods: configurable refresh interval per token. Token capacity: unlimited (limited only by device storage). Categorisation: organise tokens into groups; search across the vault. Icons: optional service icons come from icon packs (files you download and import yourself), so no network request is involved. Backup: encrypted JSON export to a local file, optional automatic backup to a folder of your choice. Import: imports from Authy, andOTP, FreeOTP, FreeOTP+, Google Authenticator (via QR scan), Microsoft Authenticator (via QR scan), Bitwarden, KeePassXC, plus generic otpauth:// URI scan. Permissions: Aegis requests minimal Android permissions: camera (for QR scanning) and storage (for backup file access). No INTERNET, no location, no contacts, no phone state. Locale support: 30+ UI translations from community contributors.
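The token types and parameters listed above (TOTP, HOTP, Steam Guard; SHA-1/SHA-256/SHA-512; 6 to 8 digits; custom periods) and the generic otpauth:// import path, as an added example written for this page rather than code taken from Aegis: a stdlib-only Python implementation checked against the RFC 4226 and RFC 6238 test vectors. It goes a little beyond the page by including a drift-tolerant server-side verify, which shows why a stale code keeps working for one extra step. The Steam variant follows the commonly documented scheme (the same HMAC-SHA1 truncation rendered as five base-26 characters); the Yandex variant is not covered. Sample URI and keys are constructed.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

STEAM_ALPHABET = "23456789BCDFGHJKMNPQRTVWXY"  # Steam Guard's 26-symbol code alphabet

# Test keys taken from the ASCII seeds in RFC 4226 / RFC 6238 (constructed, not real secrets).
RFC_KEY_SHA1 = b"12345678901234567890"
RFC_KEY_SHA256 = b"12345678901234567890123456789012"
RFC_KEY_SHA512 = b"1234567890" * 6 + b"1234"


def _truncate(secret: bytes, counter: int, algo: str) -> int:
    """RFC 4226 dynamic truncation: HMAC(secret, big-endian counter) -> 31-bit integer."""
    mac = hmac.new(secret, struct.pack(">Q", counter), getattr(hashlib, algo.lower())).digest()
    offset = mac[-1] & 0x0F
    return struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF


def hotp(secret: bytes, counter: int, digits: int = 6, algo: str = "SHA1") -> str:
    """RFC 4226 HOTP (counter-based), zero-padded to `digits`."""
    return str(_truncate(secret, counter, algo) % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6, period: int = 30, algo: str = "SHA1") -> str:
    """RFC 6238 TOTP: HOTP with the counter set to the current time step."""
    return hotp(secret, unix_time // period, digits, algo)


def steam_code(secret: bytes, unix_time: int, period: int = 30) -> str:
    """Steam Guard: SHA-1 truncation as above, rendered as five base-26 characters."""
    value = _truncate(secret, unix_time // period, "SHA1")
    chars = []
    for _ in range(5):
        chars.append(STEAM_ALPHABET[value % len(STEAM_ALPHABET)])
        value //= len(STEAM_ALPHABET)
    return "".join(chars)


def verify_totp(code: str, secret: bytes, unix_time: int, window: int = 1, **params) -> bool:
    """Server-side check tolerating `window` steps of clock drift either way,
    comparing each candidate in constant time."""
    digits, period, algo = params.get("digits", 6), params.get("period", 30), params.get("algo", "SHA1")
    step = unix_time // period
    ok = False
    for delta in range(-window, window + 1):
        ok |= hmac.compare_digest(hotp(secret, step + delta, digits, algo), code)
    return ok


def parse_otpauth(uri: str) -> dict:
    """Parse the otpauth:// URI carried by enrolment QR codes (the generic import path)."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc not in ("totp", "hotp"):
        raise ValueError("not a TOTP/HOTP otpauth URI")
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    issuer_prefix, _, name = unquote(u.path.lstrip("/")).rpartition(":")
    b32 = q["secret"].replace(" ", "").upper()
    b32 += "=" * (-len(b32) % 8)  # secrets in the wild are usually unpadded
    return {
        "type": u.netloc,
        "issuer": q.get("issuer", issuer_prefix),
        "name": name,
        "secret": base64.b32decode(b32),
        "algo": q.get("algorithm", "SHA1").upper(),
        "digits": int(q.get("digits", 6)),
        "period": int(q.get("period", 30)),
        "counter": int(q.get("counter", 0)),
    }


def code_for(entry: dict, unix_time: int) -> str:
    """Generate the current code for a parsed entry, HOTP or TOTP."""
    if entry["type"] == "hotp":
        return hotp(entry["secret"], entry["counter"], entry["digits"], entry["algo"])
    return totp(entry["secret"], unix_time, entry["digits"], entry["period"], entry["algo"])


if __name__ == "__main__":
    import time
    # Constructed enrolment URI using the well-known base32 test secret.
    entry = parse_otpauth("otpauth://totp/Example:alice%40example.com?secret=JBSWY3DPEHPK3PXP&issuer=Example")
    print(entry["issuer"], entry["name"], code_for(entry, int(time.time())))
    print("RFC 6238 T=59 SHA1/8 digits:", totp(RFC_KEY_SHA1, 59, digits=8))
```

The RFC vectors (HOTP counter 0 is 755224; TOTP at T=59 with 8 digits is 94287082 for SHA-1) are what you should get from any compliant app, so a migrated token that disagrees with the issuing service is almost always a secret-transcription or period/digits mismatch rather than an algorithm bug.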
Philosophy. Aegis's editorial differentiator is the local-first-with-controlled-backups posture. Cloud-based authenticators (Authy, Google Authenticator's new cloud-sync, Microsoft Authenticator's cloud-sync) make cross-device convenience the default, with the trade-off that the cloud operator becomes part of your second-factor trust surface. Aegis says: your second factor is too important to put in the cloud; keep it local, give the user explicit control over backups and sync. This isn't the right trade-off for users who prioritise convenience (cloud sync handles "I dropped my phone in the toilet"), but for users who treat the second factor as critical infrastructure, Aegis's local-first posture is the right model.
Grade rationale. Grade A reflects: open-source GPLv3 codebase; F-Droid + Google Play distribution with identical signed APKs; no cloud backend, no operator infrastructure; AES-256-GCM + scrypt vault encryption (strong, modern crypto); biometric unlock via Android OS keystore (UX shortcut, not crypto bypass); supports TOTP / HOTP / Steam Guard / Yandex token types; import from most competing apps (Authy, Google Auth, MS Auth, andOTP, etc.); JSON export format with documented schema (no vendor lock-in); minimal Android permissions (camera + storage only); 30+ language UI translations; 6+ years of operational continuity (since 2019); funded by donations only (no commercial pressure); named maintainer (Alex Bakker) with public GitHub presence; cross-listed in Privacy Guides as the recommended Android authenticator. Last verified 2026-05-13.
Useful when. You're an Android user wanting a TOTP/HOTP app that's local-first and doesn't require a cloud account. You're migrating off Google Authenticator (which has had historical issues: no encryption, lossy backups, account-tied cloud sync) and want a drop-in replacement. You want JSON-exportable backups that you control: store them in your KeePassXC password database (mindful of the single-compromise caveat below), in encrypted cloud storage of your choice, or on a USB drive. You want a biometric-protected authenticator without trusting a cloud operator with your TOTP secrets. You're managing family or organisational second factors and want each device's tokens to stay isolated (each device has its own Aegis vault; no cross-device sync unless you set it up). You want a Yu-Aegis stack: pair Aegis (TOTP) with a YubiKey (hardware token for high-stakes accounts) for layered second-factor coverage.
Caveats. Android only; iOS users should use Ente Auth (cross-platform, also listed at xmr.club) or another iOS-friendly authenticator. No cross-device sync: a feature, not a bug, but a friction. Options: (1) export the Aegis vault, store it in a KeePassXC database, and sync it through your existing KeePassXC sync setup; (2) export the vault into a Nextcloud or Syncthing folder; (3) maintain separate vaults per device with overlapping accounts. No web-based access: there is no "log into Aegis from a friend's computer" path; if you don't have your phone, you don't have your TOTPs. Backup discipline matters: losing your phone without a backup means losing access to every 2FA-enabled account. Each time you add a token, also save the service's recovery codes, or keep your Aegis vault backed up somewhere you can recover from, and test a restore on a second device once rather than discovering a bad backup on the day you need it. Storing TOTP next to passwords is a single-compromise risk: if a compromise reaches both your password manager and your TOTP authenticator, both factors fall together, and that applies to option (1) above. The defence-in-depth pattern is to keep TOTP secrets on a separate device (Aegis on the phone, passwords on the desktop), and for high-stakes accounts to use a hardware token (YubiKey, SoloKeys). Importing from Google Authenticator can be brittle: Aegis reads the "Transfer accounts" QR codes Google's app produces, which carry several tokens per code, but that export has changed across Google Authenticator versions; verify that each migrated token generates a code the service accepts before deleting the original, and fall back to re-enrolling a token individually where a bulk import misbehaves. Biometric unlock isn't cryptographic strengthening: it's a UX shortcut backed by the OS keystore, and if Android's keystore is compromised, biometric unlock can be bypassed. The vault passphrase remains the cryptographic root; don't weaken the passphrase just because biometric unlock is convenient. No SMS-based 2FA support: Aegis is for TOTP/HOTP, and SMS 2FA is a separate (weaker) system. If a service only offers SMS 2FA, consider whether that service's security posture meets your standards.
Free · GPLv3
Sourced from operator pages — verify identity via more than one channel before trusting time-sensitive instructions.
.onion mirror listed 2026-05-13 (<90d).