Two-Factor Authentication Client for iOS

Overview

Authenticator

Two-Factor Authentication Client for iOS.

Build Status Codecov Latest Release MIT License

Authenticator is a simple, free, and open source two-factor authentication app. It helps keep your online accounts secure by generating unique one-time passwords, which you use in combination with your other passwords to log into supporting websites. The simple combination of the password in your head and the rotating passwords generated by the app make it much harder for anyone but you to access your accounts.

  • Easy: Simple setup via QR code, "otpauth://" URL, or manual entry
  • Secure: All data is stored in encrypted form on the iOS keychain
  • Compatible: Full support for time-based and counter-based one-time passwords as standardized in RFC 4226 and 6238
  • Off the Grid: The app never connects to the internet, and your secret keys never leave your device.

Screenshot of the Authenticator token list   Screenshot of the Authenticator QR Code scanner   Screenshot of the Authenticator token entry form

Getting Started

  1. Check out the latest version of the project:
git clone https://github.com/mattrubin/Authenticator.git
  1. In the Authenticator directory, check out the project's dependencies:
cd Authenticator
git submodule update --init --recursive
  1. Open the Authenticator.xcworkspace file.

If you open the .xcodeproj instead, the project will not be able to find its dependencies.

  1. Build and run the "Authenticator" scheme.

Managing Dependencies

Authenticator uses Carthage to manage its dependencies, but it does not currently use Carthage to build those dependencies. The dependency projects are checked out as submodules, are included in Authenticator.xcworkspace, and are built by Xcode as target dependencies of the Authenticator app.

To check out the dependencies, simply follow the "Getting Started" instructions above.

To update the dependencies, modify the Cartfile and run:

carthage update --no-build --use-submodules

License

This project is made available under the terms of the MIT License.

The modern Authenticator grew out of the abandoned source for Google Authenticator for iOS. The original Google code on which this project was based is licensed under the Apache License, Version 2.0.

Comments
  • Updated ios app, now it will not open, crashes on opening

    Updated ios app, now it will not open, crashes on opening

    App was working fine yesterday.

    I am on ios 10.3.2. After the update day yesterday, I can not use the app and not use the authenticator for my various logins, need a fix ASAP!

    crash 
    opened by njosephg 17
  • App Crashes when trying to manually add an entry

    App Crashes when trying to manually add an entry

    I have an iPhone 5c on iOS 10.3.3 running version 2.1.1 of the authenticator app.

    I have one entry which was added via the QR code which worked fine.

    I am now trying to add a new entry manually. I click the + symbol in the bottom right which loads up the camera. I then click on the "new entry" button in the top right to manually add data. The screen goes black and the app quits.

    I cannot update my iOS version as Apple do not support this device any more. I tried restarting my device and that did not fix the issue. I am not sure how to turn on crash reporting if I am honest.

    Happy to provide any additional information needed 🥇

    opened by JoshuaCrewe 14
  • I didn't save the token. Big oops or fixable?

    I didn't save the token. Big oops or fixable?

    Hi Matt, I didn't save the token when I used the 6-digit code I was given. And, I didn't write down the code either. Is there a way to find it or a floating token (she says with wry smile) somewhere in the recesses of my phone? I can't access my account without a numeric code. Any guidance you can give this beginner (seriously, my first attempt at this crazy business of authenticating) would be most appreciated. Many thanks.

    lost tokens 
    opened by Luddite88 9
  • Restored Encrypted iTunes Backup - No Codes!

    Restored Encrypted iTunes Backup - No Codes!

    I just restored an encrypted backup from an iPhone XS Max to an older iPhone 8 Plus and none of the 2FA tokens were restored!! The backup was encrypted and stored locally on my Mac. I still have access to the encrypted backup. Please advise how I can get the codes back. Thank you.

    Also, please advise on where/how the tokens are stored, in case I can restore them manually since I can always jailbreak the original iPhone to retrieve them from the filesystem if necessary.

    opened by SemoTech 8
  • Improved user experience for long list of codes

    Improved user experience for long list of codes

    As of today I am up to 31 codes in the app. This poses user experience challenges when looking for a specific code as I this is almost 5 pages of codes. I know I can manually rearrange the codes, but it'd be nice to have some other out of box or usability enhancements.

    Some ideas:

    • A search box/option - Allow a user to quickly locate a specific code by filtering them
    • Sort options - Allow a user to sort the codes, without manually rearrange them.

    I'm open to other ideas, such as #257 and #249 which would help in different ways.

    opened by adamcstephens 7
  • Groups codes by pairs or threes depending on character count

    Groups codes by pairs or threes depending on character count

    Purely an opinion but I find it easier to read two groups of three digits vs three groups of two digits.

    And for 8 digit length codes I would say two groups of four digits would be better than four groups of two digits.

    This change groups any code divisible by three into groups of three, divisible by two in pairs, otherwise no groupings.

    img_1ee0ac437151-1

    token display 
    opened by beaucollins 7
  • Settings screen for password digit grouping

    Settings screen for password digit grouping

    TL;DR: This PR adds a settings screen that allows the user to choose whether they prefer passwords rendered in groups of two digits or groups of three.


    This PR is the result of two separate issues I've been thinking about for a long time:

    1. Version 2.0 of the app changed how passwords are displayed: instead of showing the whole password as a single string of digits, the passwords are chunked into two-digit groups to make them easier to read and remember. Since then, several users of the app have reported that they have an easier time remembering six-digit passwords when they are chunked into groups of three digits. A pull request from @beaucollins proposed to change the chunk size dynamically based on the length of the password, but despite the cleverness of this approach, it never quite felt like the right solution to me. I avoided making any changes on this for almost a year, for a very simple reason – I personally find it much easier to read and remember passwords chunked into groups of two, and the handful of users I had originally asked for input felt the same way. (At least one user wrote in an App Store review that the two-digit grouping is the specific reason they use Authenticator over other two-factor apps.) I have been reluctant to make any changes when the current two-digit chunking strategy has been working for (anecdotally) most users.
    2. As long as I have been developing Authenticator, I have tried to keep the app as simple as possible. I want the app to be clear and straightforward for users, and I didn't want to add a settings screen with a bunch of potentially-confusing options. In addition to complexity for users, adding user settings increases the number of different states in which the app operates, and can make testing and debugging significantly more complicated. For these reasons, I've avoided adding a settings screen to the app.

    After thinking over the best way to present passwords that are readable and memorable for all users, I've concluded that the solution is to overcome my reluctance to add a settings screen to the app, and to add a toggle allowing the user to pick how they prefer for passwords to be grouped. Currently, the options are groups of two digits or groups of three digits. If I receive further user feedback on the issue, I will consider adding more options, but for now I want to keep things as simple as possible. While I think the approach of changing the chunk size based on password length is aesthetically pleasing, I have found in my conversations with users that preferred chunk size for ease of memorization seems constant for a given person, regardless of password length.

    I would love to hear what people think of this approach, and in particular to know whether this is is a satisfactory solution for those who prefer passwords in groups of three digits.

    Screenshot with passwords in groups of two digits Screenshot of settings screen with toggle for password grouping size Screenshot with passwords in groups of three digits

    token display 
    opened by mattrubin 6
  • Authenticator Not Working

    Authenticator Not Working

    Hello, I tried to get an authentication code today. I tapped on my app on my iPhone as usual and instead of a code appearing, the message "No Tokens" "Tap + to add a new token" appears. How do I fix this so that I can get to my email account? Kind regards, Jennifer

    lost tokens 
    opened by jendavis1 6
  • Reduce CPU load by reducing view update frequency

    Reduce CPU load by reducing view update frequency

    Based on the excellent work by @beaucollins in PR #224. My changes on top of that PR can be seen here.


    Currently, the app animates the progress ring and keeps token passwords up-to-date by using CADisplayLink to regenerate the view model and update the view at 60 frames per second. This is needlessly inefficient, and causes excessive processor load. Instead of updating the view every frame, it is sufficient to generate a new view model only when a token password has updated, and to use Core Animation to drive the progress ring.

    Animatable Progress Ring

    The drawing code for OTPProgressRing has been moved to a custom CALayer with an animatable progress property. The TokenListViewModel's ringProgress property has been replaced with a ProgressRingViewModel which specifies the start and end times of the current cycle of the animation. These values are used to configure a CABasicAnimation which drives the ring animation, removing the need for constant updates from a CADisplayLink. The progress ring now only needs to be updated with a new view model when a new cycle of the animation should begin.

    View Model Expiration Date

    The method which generates a view model for the token list (and for the root component) now returns a tuple containing both the view model and a nextRefreshTime. The AppController's display link has been replaced with a refresh timer, which is configured to fire at the nextRefreshTime and trigger an update of the view with a new view model.

    The app also now triggers a view update on applicationWillEnterForeground, to ensure the UI is up-to-date when the app returns from the background.

    Future Performance Considerations

    These changes reduce idle CPU usage from around 40% to less than 10%. The remaining CPU load is almost entirely caused by animating and redrawing the progress ring. Ideas for optimizing the drawing of the progress ring are discussed below.

    opened by mattrubin 5
  • I Accidentally Deleted An

    I Accidentally Deleted An "Old" Code. It Was The CURRENT One. Locked Out.

    The website I created a super safe password for ended up unable to read the app at first. So I tried again. It was able to read it the second time. So I figured I would delete the unreadable code to prevent future mishaps. Turns out, I somehow accidentally deleted the working code. Now, the website has me completely locked out due to being unable to authorize it with the app. How in the world can I reset it? Is there a way to reset it? Is there a way to remove this authentication from my account (even though I am locked out)? I spoke to the website support and they said I had to contact the app support directly. I am at a complete and utter loss here.

    lost tokens 
    opened by laurrel 5
  • Question: Why three two-digit groups?

    Question: Why three two-digit groups?

    The app used to have two three-digit groups (123 456) and a recent(ish) change made it three two-digit groups (12 34 56). What was the motivation behind this?

    I'd love the option to put it back to 123 456 as that is easier for me to remember.

    Love the app! Super simple and nothing more than you need. (Plus the fact you can't export is perfect, the way it should be!)

    token display 
    opened by mide 5
  • Lost 2 factor link

    Lost 2 factor link

    Hi mate, hope you can help I have changed phones and has this app of yours as a 2 factor rolling code. I can fond my initial setup. Please help me to try get it fixed? Thanks Michail

    opened by Mikenero84 0
  • Project roadmap

    Project roadmap

    Hello, I really appreciate your project, however it seems to have been abandoned since the last release was about 3 years ago. Is the project still alive? Do you have a roadmap? Thank you

    opened by alfredonodo 2
  • (Feature Suggestion) Add

    (Feature Suggestion) Add "Move Code to new device"

    In short: add the option to show a QR code (or copy/paste able secret key) to move a 2FA code to a new device and/or authentication app, with the caveat that Authenticator will delete it once moved.

    This retains the feature/security opinion that having the same code in two places defeats the point of 2FA whilst making moving codes a lot easier.

    Migrating to a new device can be a big pain, often because many apps and websites don't support renewing 2FA codes without also reissuing backup codes (which then take ages to write down if you prefer that to keeping a bunch of risky text files somewhere) or disabling and then re-enabling 2FA altogether which is (pedantically) a security issue itself. Not to mention the flurry of emails and notifications you have to clear up after renewing two dozen or so 2FAs.

    Currently Authenticator only supports migrating to a new iPhone with encrypted backups, which is OK but has some limitations - not everyone uses that backup method as it requires a second trusted device to back up to, and you need to have a recent backup. Some users might prefer to not have their codes backed up at all, given paper recovery codes are intended to be used if a device is lost.

    Secondly, this would allow for portability which IMO is a good thing, to allow moving to a different 2FA app if a user wishes to do so.

    Note also that the current policy of including codes in encrypted backups does mean you kan skirt the rule of not having the same code on two devices, so forcing a code to be deleted once moved using this suggested feature may be unnecessary/not really more secure, and instead the app would just strongly suggest deleting it once moved.

    opened by AngusP 1
  • Support for ios widget

    Support for ios widget

    I love your authenticator app. Fits the requirement of most companies (being offline, opensource etc.).

    One thing that would make it even better would support for widgets, like for instance: https://apps.apple.com/dk/app/authenticator-app/id1538761576

    opened by MortenVinding 5
  • Authenticator token disappeared for Facebook

    Authenticator token disappeared for Facebook

    Hello I used to have a token for Facebook 2FA. Now it is gone for some reason but my others are still there. Anyway I can recover it? Facebook says this is the only way to get in.

    opened by Masglobal-markus 2
Releases(2.1.2)
  • 2.1.2(Jun 1, 2019)

    By building the app with Xcode 10.1 instead of Xcode 10.2, this update fixes a crash that could occur when trying to manually enter a token on a 32-bit device (iPhone 5 or earlier).

    Source code(tar.gz)
    Source code(zip)
  • 2.1.1(Apr 26, 2019)

  • 2.1.0(Dec 22, 2018)

    • Added a new menu where a user can select whether they prefer passwords shown in groups of two digits or groups of three. (#290, #292)
    • Fixed a user interface bug that could occur after a user declined the app's request for camera access. (#293)
    Source code(tar.gz)
    Source code(zip)
  • 2.0.5(Sep 18, 2018)

  • 2.0.4(Apr 29, 2018)

  • 2.0.3(Apr 24, 2018)

    • Disabled swipe-to-delete on the token list, to prevent tokens from being accidentally deleted. To delete a token, first tap "Edit" and then tap the red delete button.
    • Fixed a bug where the app might crash when adding a token from an "otpauth://" URL.
    Source code(tar.gz)
    Source code(zip)
  • 2.0.2(Dec 9, 2017)

    • Improved the accessibility of manual token entry when using VoiceOver • Improved app efficiency, reducing energy usage and processor load by over 95%

    Source code(tar.gz)
    Source code(zip)
  • 2.0.1(Nov 8, 2017)

    • Added support for iPhone X
    • Fixed a bug where tokens were sometimes copied when trying to scroll the token list
    • Fixed button text color and font weight on iOS 11
    Source code(tar.gz)
    Source code(zip)
  • 2.0.0(Jun 8, 2017)

    Search & Filter

    Tap the new search field at the top of the token list to filter your tokens by issuer and account name.

    Easier to Read

    An updated font, improved typography, and better spacing make your passwords easier to read.

    Security & Backup Info

    For security reasons, tokens are stored only on one device, and are not included in iCloud or unencrypted backups. More information about security and backups has been added in the app.

    Also…

    • Haptic Feedback
    • Improved Error Messages
    • Many small improvements to polish and performance…
    Source code(tar.gz)
    Source code(zip)
  • 1.1.2.1(Sep 19, 2014)

    [NEW] Support for larger screen sizes.

    [FIX] Move token type to the advanced options section

    [DEV] Replace the token core with the OneTimePassword library

    Source code(tar.gz)
    Source code(zip)
  • 1.1.1(Jun 20, 2014)

  • 1.1(May 9, 2014)

    [NEW] Updated visual design.

    [NEW] Dedicated editing screen.

    [NEW] Default to QR code entry when the camera is available. (Manual token entry is still possible.)

    [NEW] Allow the user to specify an issuer string when manually entering a token.

    [DEV] Fixed a token generation bug on 64-bit devices introduced by compiling with Xcode 5.1.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.3(Dec 20, 2013)

    [NEW] Added an "Issuer" field for labeling tokens.

    [FIX] Removed support for MD5-based tokens.

    [FIX] Fixed a bug where token edits could be reverted if the password refreshed while editing.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.2(Dec 5, 2013)

    [FIX] Fixed a bug which prevented adding new tokens after a clean install.

    [NEW] Tokens which remain in your keychain after the app is uninstalled are now recovered when the app is reinstalled.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.1(Dec 5, 2013)

    [NEW] Updated app icon with brighter colors and better layout.

    [DEV] Refactored OTPRootViewController into OTPTokenManager and OTPTokenListViewController.

    Source code(tar.gz)
    Source code(zip)
The minimalistic, secure and open-source two-factor authentication app.

Einmal /ˈainmaːl/ German: once The minimalistic, secure and open-source two-factor authentication app. Features ♻️ Cross-platform — available on Andro

Incipher 75 Aug 21, 2022
Very simple swift wrapper for Biometric Authentication Services (Touch ID) on iOS.

SimpleTouch Very simple swift wrapper for Biometric Authentication Services (Touch ID) on iOS. Sample Project There is a SimpleTouchDemo target define

Simple Machines 117 Nov 15, 2022
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Installation PasscodeLock requires Swift 2.0 and Xcode 7 Car

Yanko Dimitrov 679 Nov 26, 2022
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Originally created by @yankodimitrov, hope you're doing well

Serge Velikan 203 Dec 6, 2022
The TouchID authentication mechanism implemented in Swift.

iOS-TouchID-Swift The TouchID authentication mechanism implemented in Swift About In iOS 8, Apple provides a new framework named LocalAuthentication w

Gabriel Theodoropoulos 24 May 20, 2018
Framework for biometric authentication (via TouchID) in your application

Features Requirements Communication Installation Usage Intro Biometric authentication availability Feature enabled/disabled for biometric authenticati

Igor Vasilenko 29 Sep 16, 2022
Use Apple FaceID or TouchID authentication in your app using BiometricAuthentication.

BiometricAuthentication Use Apple FaceID or TouchID authentication in your app using BiometricAuthentication. It's very simple and easy to use that ha

Rushi Sangani 804 Dec 30, 2022
LocalAuth - Another Fusion library to implement the local authentication using Biometry

FusionLocalAuth Another Fusion library to implement the local authentication usi

Vedant Jha 0 Jan 13, 2022
Pass for iOS - an iOS client compatible with Pass command line application.

Pass is an iOS client compatible with ZX2C4's Pass command line application. It is a password manager using GPG for encryption and Git for version control.

Mingshen Sun 1.3k Dec 26, 2022
iOS library for device fingerprinting. Does not require server APIs to work, fully client-side operation.

Lightweight iOS library for local device fingerprinting Installation (CocoaPods) # Podfile pod 'FingerprintJS' Note: If you've never used CocoaPods fo

FingerprintJS 45 Dec 17, 2022
A client library to multiplex connections from and to iOS devices

libusbmuxd A client library for applications to handle usbmux protocol connections with iOS devices. Features This project is a client library to mult

libimobiledevice 469 Dec 30, 2022
Oversecured Vulnerable iOS App is an iOS app that aggregates all the platform's known and popular security vulnerabilities.

Description Oversecured Vulnerable iOS App is an iOS app that aggregates all the platform's known and popular security vulnerabilities. List of vulner

Oversecured Inc 135 Dec 15, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

Kitura 122 Dec 16, 2022
CCCryptor (AES encryption) wrappers for iOS and Mac in Swift. -- For ObjC, see RNCryptor/RNCryptor-objc

RNCryptor Cross-language AES Encryptor/Decryptor data format. The primary targets are Swift and Objective-C, but implementations are available in C, C

null 3.3k Dec 30, 2022
Safe and easy to use crypto for iOS and macOS

Swift-Sodium Swift-Sodium provides a safe and easy to use interface to perform common cryptographic operations on macOS, iOS, tvOS and watchOS. It lev

Frank Denis 483 Jan 5, 2023
Helper functions for saving text in Keychain securely for iOS, OS X, tvOS and watchOS.

Helper functions for storing text in Keychain for iOS, macOS, tvOS and WatchOS This is a collection of helper functions for saving text and data in th

Evgenii Neumerzhitckii 2.3k Dec 28, 2022
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

KeychainAccess KeychainAccess is a simple Swift wrapper for Keychain that works on iOS and OS X. Makes using Keychain APIs extremely easy and much mor

Kishikawa Katsumi 7.2k Dec 30, 2022
A simple Swift Keychain Wrapper for iOS, watchOS, and OS X.

Latch A simple Swift 2.0 Keychain Wrapper for iOS, watchOS 2, and OS X. Usage A proper example of how to use Latch can be seen in the tests. import La

Danielle 56 Oct 25, 2022
A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.

SwiftKeychainWrapper A simple wrapper for the iOS / tvOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift. Prov

Jason 1.5k Dec 30, 2022