Click the puzzle piece icon in the top-right corner of your Chrome toolbar.
Click the pin icon next to Authenticator app in the dropdown.

You're all set. Click the Authenticator app icon in your toolbar to add your first account.
No setup required. Just scan a QR code or enter a secret key.
Navigate to the security settings of a service like Google, GitHub, or Twitter and enable two-factor authentication to see the QR code.
Click the Authenticator app icon and choose Scan QR Code, Upload QR Image, or Manual Entry. The account is added immediately.
Click the extension icon anytime to see the current 6-digit code with a countdown timer. Copy it and you're done.
Drag to select any QR code visible on screen. The extension captures the region, decodes the code, and imports the 2FA account instantly — no screenshot app needed.
Have a QR code saved as a PNG or JPG? Upload the file directly and Authenticator app will decode and import the account automatically, without opening any other app.
Know your 2FA secret key? Type in the service name, account label, and Base32 secret to add the account directly — works with any TOTP-compatible service even without a QR code.
Change your master password, adjust the auto-lock timeout (1–60 min), export your vault as an encrypted backup, import codes from a backup file, or switch the display language.
Lock your vault immediately — all codes are hidden and encrypted until you re-enter your master password. The countdown timer shows how long until auto-lock activates.
Click the copy button — or tap the code itself — to instantly copy it to your clipboard, ready to paste into any login form.
The ring drains over 30 seconds — blue while safe, turning orange below 10 s and red below 5 s. A new code is generated automatically when it resets.
Hover over any account card to reveal the × button in the top-right corner. Click it to permanently remove that account from your vault.
Point to any QR code on screen and the extension detects and imports the account automatically — no photo needed.
Get fresh 6-digit codes every 30 seconds, with a countdown timer so you always know how long a code is valid.
Lock your vault with a master password. AES-GCM-256 encryption keeps your secrets safe, with auto-lock after inactivity.
Already have a QR code saved as an image? Upload it directly to add the account without needing to scan live.
Add accounts manually by entering the service name, account, and secret key — works with any TOTP-compatible service.
Export your entire vault as an encrypted backup and import it on any device — your data is never sent to a server.
Everything you need to know to get the most out of Authenticator app.
TOTP (Time-based One-Time Password) generates a unique 6-digit code every 30 seconds using a shared secret key and the current time. When you enable 2FA on a service, it gives you a QR code containing that secret. Authenticator app reads the QR code and generates the matching codes — no internet connection required.
Your account secrets are encrypted with AES-GCM-256. The encryption key is derived from your master password using PBKDF2 with 500,000 iterations. Your data never leaves your device and is never sent to any server.
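The scheme described above, as an added example in Node.js (not the extension's own code): a PBKDF2-derived key seals the vault with AES-256-GCM, and a wrong password or an altered file fails the authentication tag check. Only the cipher and the 500,000 iterations come from this page; the PBKDF2 hash (SHA-256), the salt and nonce sizes, the blob layout and the names `sealVault` and `openVault` are assumptions.

```javascript
// Added example, not the extension's code.
const nodeCrypto = require("node:crypto");

const ITERATIONS = 500000; // iteration count stated on the page
// Assumptions: PBKDF2-HMAC-SHA-256, 16-byte salt, 12-byte nonce, JSON payload.

function deriveKey(password, salt) {
  return nodeCrypto.pbkdf2Sync(password, salt, ITERATIONS, 32, "sha256");
}

// Encrypt the account list; a fresh salt and nonce are drawn on every save.
function sealVault(password, accounts) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(password, salt), iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(accounts), "utf8"), cipher.final()]);
  return {
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ct: ct.toString("base64"),
  };
}

// Returns the account list, or null when the password is wrong or the blob was modified.
function openVault(password, blob) {
  const key = deriveKey(password, Buffer.from(blob.salt, "base64"));
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, Buffer.from(blob.iv, "base64"));
  decipher.setAuthTag(Buffer.from(blob.tag, "base64"));
  try {
    const pt = Buffer.concat([decipher.update(Buffer.from(blob.ct, "base64")), decipher.final()]);
    return JSON.parse(pt.toString("utf8"));
  } catch {
    return null; // GCM tag mismatch: nothing is released without the right key
  }
}

// Constructed sample vault (the secret is a made-up Base32 string).
const sample = [{ service: "Example", account: "alice", secret: "JBSWY3DPEHPK3PXP" }];
const sealed = sealVault("correct horse battery staple", sample);
console.log(Object.keys(sealed), openVault("wrong password", sealed));
```
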
Not automatically. Authenticator app stores everything locally in your browser. To move your accounts to another device, use the Export feature to create an encrypted backup file, then Import it on the new device.
If you forget your master password, there is no recovery mechanism by design — this is a security feature. We strongly recommend exporting an encrypted backup regularly and storing it somewhere safe.
Yes. Go to Settings in the extension and choose Export Codes. You will receive an encrypted backup file. To restore it, use Import Codes and enter your export password. The file is encrypted, so it is safe to store in cloud drives.
TOTP codes are time-based — if your device clock is even slightly off, the generated code won't match the server. Make sure your system time is set to automatic sync (Settings → Date & Time → Set automatically). This is the most common cause of rejected codes.
Authenticator app stores all data locally in your browser's storage — nothing is sent to the cloud. If you uninstall Chrome or move to a different device, your accounts are not carried over. Always export an encrypted backup before reinstalling or switching devices, and import it afterward.
Some websites use strict Content Security Policy (CSP) headers that block the screen-capture library used for QR scanning. As a workaround, take a screenshot of the QR code and use the Upload QR Image button to import it from file — this bypasses the CSP restriction entirely.
The auto-lock feature protects your vault when your device is unattended. By default it locks after 5 minutes of inactivity. You can adjust this timeout (1–60 minutes) or disable it entirely in Settings → Auto-lock Timeout.
Unfortunately no. The vault is encrypted with AES-GCM-256 and there is no back door — not even we can decrypt it without your password. If you have no backup, you will need to re-add each account manually by going through the 2FA setup process on each service again. Going forward, keep a regular encrypted export stored somewhere safe.