A native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client built for iOS

Last update: Jan 8, 2023

Overview

A native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client built for iOS
^{Built by Tijme Gommers – Buy me a coffee via PayPal}

Features

Backup/sync (T/H)OTPs to iCloud automagically
Add custom issuer icons for your OTPs
Scan a QR code or add an OTP manually
Show the current and previous token
Search using powerful search capabilities
Optional FaceID or TouchID unlock
Export passwords as encrypted ZIP archives
It's fast (native, built in Swift 5)
It's secure (see the security policy for more information)
It's open-source (check the contribution policy)

Icons

Raivo enables you to add your own icons to OTPs. You can add your own icon via the Raivo icon repository. Make sure to read the contribution guidelines before making a pull request.

Migrating

The following migration guides walk you through the process of migrating from your existing OTP app to Raivo OTP.

Migrating from Authy to Raivo OTP

Issues

Issues or new features can be reported via the issue tracker. Please make sure your issue or feature has not yet been reported by anyone else before submitting a new one.

Security

If you discover a security vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. Please refer to the security policy for information on reporting vulnerabilities.

Privacy

Raivo does not collect personally identifiable information in any way. Please refer to the privacy policy for information.

License

Comments

It would be nice to have a static website for raivo.

Is your feature request related to a problem? Please describe. No it's not.

Describe the solution you'd like I would like for Raivo to have it's own static site. What i mean by this is that, i would like for this project to start it's own website to where people can visit it to find and download Raivo. Rather than forcing people to use the GitHub repo.

Additional context I would like for Raivo to have it's own static site. To make it easier for people to find, navigate, and download the application. The less technical people in the crowed won't probably even know what GitHub is and that's why i would recommend you look into this. You can host a website for free with GitHub pages and register a domain with namecheap.com or porkbun.com for example, to get a domain like "raivo.org", "raivo-otp.com", and or "theraivoproject.org".
Feature request Wontfix (by myself)

opened by therealmrmuffin 30
Can't select Personal iCloud as storage provider
Describe the bug While trying to select a storage provider, the option Personal iCloud is greyed out and cannot be selected. Is it because I'm on iOS 15 beta?

To Reproduce Go to initial setup and try to select storage provider.

Expected behavior It should be possible to choose Personal iCloud as a storage provider, or at least provide a message explaining why it is not available.

Screenshots Please note that the last option is also slightly clipped, as reported in issue #43

Smartphone

Device: iPhone X

OS: 15.0 beta

Version 1.2.2

Bug Extra input required
opened by elliotsoomro 17
Export is not working on iOS
Describe the bug Raivo OTP Version 1.4.0 (build-60)

The export functionality seems broken. When you click to export, it is creating a 22 bytes .zip archive that is empty when opened with a computer using 7zip. The archive doesn't require the password to be opened. When using export, I tried "Save to files" and also "Send email", but it doesn't change the fact that archive seems corrupted.

To Reproduce Steps to reproduce the behavior:

Go to 'Settings'

Click on 'Export OTPs to ZIP archive'

Click on 'Export'

See that the archive created is 22 bytes.

Save it or send it to a compteur.

Open it.

Expected behavior The archive should be larger. The archive should ask for a password. The archive should not be empty.

Smartphone (please complete the following information):

Device: iPhone 12

OS: iOS

Version: 15.5

Additional context It used to work fine with my device. It is the first time I try export since iOS 15.5 and since Raivo OTP update 1.4.0.
Bug
opened by Domessy 14
App crashes on adding code
Describe the bug The Ravio OTP IOS app crashes whenever I attempt to add a new code. To Reproduce Steps to reproduce the behavior:

Open any site you want to enable MFA for

Open the Ravio APP

Load the QR code

Click on save

the app crashes

Expected behavior I expect the app to save the code and not crash.

Screenshots N/A

Smartphone (please complete the following information):

Device: Iphone 7

OS: IOS 14.8

Version: 18H17

Additional context Log file from 5 attempts 2021-10-07 13:43:42 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:43:50 MainEntryViewController.tabBarController():62 VERBOSE: SearchStubController selectedIndex != 0 2021-10-07 13:43:55 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:43:55 LoadEntryViewController.viewDidLoad():35 VERBOSE: Loading Raivo OTP 2021-10-07 13:43:55 LoadEntryViewController.viewDidLoad():58 VERBOSE: Got syncer account succesfully 2021-10-07 13:43:55 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:43:55 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:43:55 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Auth 2021-10-07 13:43:56 StorageHelper.setPasscodeTriedAmount():188 VERBOSE: Setting passcode tried amount 2021-10-07 13:43:56 StorageHelper.setPasscodeTriedTimestamp():207 VERBOSE: Setting passcode tried timestamp 2021-10-07 13:43:56 AuthEntryViewController.attemptBiometrickUnlock():222 VERBOSE: Unlocked app via biometric 2021-10-07 13:43:56 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:56 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:56 BaseSyncer.enable():40 VERBOSE: Enabling syncer 2021-10-07 13:43:56 CloudKitSyncer.enableAccountChangeListener():202 VERBOSE: Enabling account change listener 2021-10-07 13:43:56 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Main 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:43:58 com.apple.cloudkit.operation-AFA4CEB3FB1EE4F5.callback StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:00 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:46:00 LoadEntryViewController.viewDidLoad():35 VERBOSE: Loading Raivo OTP 2021-10-07 13:46:00 LoadEntryViewController.viewDidLoad():58 VERBOSE: Got syncer account succesfully 2021-10-07 13:46:00 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:46:00 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:46:00 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Auth 2021-10-07 13:46:01 StorageHelper.setPasscodeTriedAmount():188 VERBOSE: Setting passcode tried amount 2021-10-07 13:46:01 StorageHelper.setPasscodeTriedTimestamp():207 VERBOSE: Setting passcode tried timestamp 2021-10-07 13:46:01 AuthEntryViewController.attemptBiometrickUnlock():222 VERBOSE: Unlocked app via biometric 2021-10-07 13:46:01 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:01 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:01 BaseSyncer.enable():40 VERBOSE: Enabling syncer 2021-10-07 13:46:01 CloudKitSyncer.enableAccountChangeListener():202 VERBOSE: Enabling account change listener 2021-10-07 13:46:01 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Main 2021-10-07 13:46:02 com.apple.cloudkit.operation-AE9A9B2F58F63CC9.callback StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:46:03 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:49:10 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:49:10 LoadEntryViewController.viewDidLoad():35 VERBOSE: Loading Raivo OTP 2021-10-07 13:49:10 LoadEntryViewController.viewDidLoad():58 VERBOSE: Got syncer account succesfully 2021-10-07 13:49:10 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:49:10 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:49:10 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Auth 2021-10-07 13:49:11 StorageHelper.setPasscodeTriedAmount():188 VERBOSE: Setting passcode tried amount 2021-10-07 13:49:11 StorageHelper.setPasscodeTriedTimestamp():207 VERBOSE: Setting passcode tried timestamp 2021-10-07 13:49:11 AuthEntryViewController.attemptBiometrickUnlock():222 VERBOSE: Unlocked app via biometric 2021-10-07 13:49:11 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:49:11 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:49:11 BaseSyncer.enable():40 VERBOSE: Enabling syncer 2021-10-07 13:49:11 CloudKitSyncer.enableAccountChangeListener():202 VERBOSE: Enabling account change listener 2021-10-07 13:49:11 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Main 2021-10-07 13:49:12 com.apple.cloudkit.operation-EE135B3615C88970.callback StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:51:55 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:51:55 LoadEntryViewController.viewDidLoad():35 VERBOSE: Loading Raivo OTP 2021-10-07 13:51:55 LoadEntryViewController.viewDidLoad():58 VERBOSE: Got syncer account succesfully 2021-10-07 13:51:55 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:51:55 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:51:55 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Auth 2021-10-07 13:51:57 StorageHelper.setPasscodeTriedAmount():188 VERBOSE: Setting passcode tried amount 2021-10-07 13:51:57 StorageHelper.setPasscodeTriedTimestamp():207 VERBOSE: Setting passcode tried timestamp 2021-10-07 13:51:57 AuthEntryViewController.attemptBiometrickUnlock():222 VERBOSE: Unlocked app via biometric 2021-10-07 13:51:57 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:51:57 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:51:57 BaseSyncer.enable():40 VERBOSE: Enabling syncer 2021-10-07 13:51:57 CloudKitSyncer.enableAccountChangeListener():202 VERBOSE: Enabling account change listener 2021-10-07 13:51:57 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Main 2021-10-07 13:51:57 com.apple.cloudkit.operation-EDB10FEB6E7790B3.callback StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:04 global.initializeFileLogging():62 VERBOSE: File log destination initialized 2021-10-07 13:52:04 LoadEntryViewController.viewDidLoad():35 VERBOSE: Loading Raivo OTP 2021-10-07 13:52:04 LoadEntryViewController.viewDidLoad():58 VERBOSE: Got syncer account succesfully 2021-10-07 13:52:04 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:52:04 StateHelper.getCurrentState():94 VERBOSE: State: ENCRYPTION_KEY_UNKNOWN 2021-10-07 13:52:05 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Auth 2021-10-07 13:52:06 StorageHelper.setPasscodeTriedAmount():188 VERBOSE: Setting passcode tried amount 2021-10-07 13:52:06 StorageHelper.setPasscodeTriedTimestamp():207 VERBOSE: Setting passcode tried timestamp 2021-10-07 13:52:06 AuthEntryViewController.attemptBiometrickUnlock():222 VERBOSE: Unlocked app via biometric 2021-10-07 13:52:06 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:06 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:06 BaseSyncer.enable():40 VERBOSE: Enabling syncer 2021-10-07 13:52:06 CloudKitSyncer.enableAccountChangeListener():202 VERBOSE: Enabling account change listener 2021-10-07 13:52:06 ApplicationDelegate.setCorrectStoryboard():158 VERBOSE: Changing Storyboard: Main 2021-10-07 13:52:07 com.apple.cloudkit.operation-40E6B81E095B2D1C.callback StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE 2021-10-07 13:52:08 StateHelper.getCurrentState():98 VERBOSE: State: DATABASE_AND_ENCRYPTION_KEY_AVAILABLE
Bug
opened by FrankSh0rty 13
Unencrypting exported ZIP not working with 7-Zip
A quick summary and/or background

I am not able to unencrypt the exported Raivo OTP backup on Windows 10 with 7-Zip

Steps to reproduce

Set up app

Export encrypted OTPs to iCloud

Extract successfully with password on iOS

Copy zip from iCloud to Windows

Extract with same (copied) password causes error on Windows

What you expected would happen

The .json and .html files are successfully extracted from the zip archive.

What actually happens

The .json and .html files are empty and an error is shown indicating a false password

Notes

Password is 32 characters and consists of ascii and special symbols \:<‘,/;

App version 1.4.3
Extra input required
opened by makua-bernal 10
Use AES-256 as encryption method for zip export

When exporting OTPs to a ZIP archive the file is encrypted with the encryption password. The encryption method used is ZipCrypto, which basically is broken. Would it be possible to switch to AES-256?
Feature request

opened by jknockaert 9
£ symbol in master password prevents decryption of exported zip
Describe the bug If the master password contains the £ (British currency) character, 7-Zip fails to decrypt an encrypted data export from Raivo. The error message given by 7-Zip is simply "Wrong password". This is with the latest version of Windows 10 Pro 64-bit.

To Reproduce

Reset (or reinstall) Raivo.

Choose a master password which includes the £ symbol.

Acquire some OTPs.

Click on Settings, Export OTPs, Export, Mail

Send zip via email to Windows PC

Attempt to extract files from zip with 7-Zip using master password.

"Wrong password" error given by 7-zip.

Smartphone iPhone 7 iOS 14.7.1 (up to date)

Conjecture Could this arise because the £ symbol has different extended ASCII codes depending on which character set is being used? Maybe Raivo and 7-Zip employ different character sets? If so, other characters are likely to be affected. e.g. https://en.wikipedia.org/wiki/ISO/IEC_8859

I had no such trouble when including the & or ? characters (without £) in the master password. But these have ASCII codes under 128, so perhaps they are safer?

P.S. Apologies if you also get this bug notification on the Raivo Freshdesk site. I tried to submit it there a few days ago (as a guest, without registering), but was unable to create an account afterwards to check the ticket.
Bug
opened by bluto32 8
Please allow hiding the "previous token" in options.

Is your feature request related to a problem? Please describe. Having a bunch of numbers on the screen is a distracting with my poor eyesight.

Describe the solution you'd like Removing any excess numbers would be very helpful. Adding an option to hide the previous token from the list and centering the current token would be much easier to read.

Describe alternatives you've considered Removing/hiding the previous token would be ideal, but if not an option then increasing the font size of the tokens might be a viable alternative.
Feature request

opened by KuJoe 7
FaceID option not present, only TouchID.
Describe the bug Description says 'Optional FaceID or TouchID unlock. However, on iPhone XS the only option I have is to enable TouchID. Selecting this option asks for the iPhone PIN with iPhone XS. Deselecting does not provide an option for FaceID.

To Reproduce Steps to reproduce the behavior:

Go to 'Settings'

FaceID option is missing

Expected behavior The option for FaceID or TouchID should be relevant to the device which the application is running on. Devices that do not posses TouchID should not have the option, and vice-versa with FaceID.

https://developer.apple.com/documentation/localauthentication/logging_a_user_into_your_app_with_face_id_or_touch_id

Screenshots

Smartphone (please complete the following information):

Device: iPhone XS

OS: iOS 12.4

Version: Raivo 0.0.10

Bug
opened by mil1i 7
One-time passwords not showing on Mac even after linking it to app on iOS several times. (solved, there was no bug)
Describe the bug One-time passwords not showing on Mac even when all the iCloud setting are set correctly and even when I linked the iOS app to Mac app correctly several times.

To Reproduce Steps to reproduce the behavior:

Go to 'Settings'

Click on 'Receivers'

Link Mac with scanning the QR code

Nothing happens on Mac

Expected behavior One-time passwords showing on Mac app

Smartphone (please complete the following information):

Device: [iPhone12Pro]

OS: [iOS15.6]

Version [19G71]

Additional context Desktop

Device: [MacBookAir(M1, 2020)]

OS: [MacOSMonterey12.5]

Version [21G72]

Bug
opened by rembal1230 6
Passwords layout

I could not find the ability to change the location of passwords in the application.

I want them to be moved up or down when I hold down the passwords. This feature is available in authy.

Can you do this to make the app better?
Feature request

opened by caglaryalcin 6
FIDO U2F Integration

Is your feature request related to a problem? Please describe.

Nowadays hundreds of companies are adding support for physical security keys, the most secure methods of authentication to date. Being an owner of a few security keys, It would be beneficial for me to lock my OTP Management App with these keys.

Describe the solution you'd like

Add integration for FIDO U2F on macOS and iOS. More users will feel safer knowing only their key(s) will be able to open their app to gain access to the codes they need for logging into any account.

Describe alternatives you've considered

N/A

Additional context

Possibly add backup codes for the user to write down or even download in case they lost their security key.
Feature request

opened by Bubbycolditz 0
Allow creation of multiple Raivo accounts/vaults on the app with separate encryption keys
Is your feature request related to a problem? Please describe. I have multiple entities I need to use 2FA for such as home, work, personal startup, etc... and currently I am using the same authenticator for all of them. It would be great to be able to have separate encryption keys for each of the entities so I can choose which accounts/vaults to import on a new device.

I was also affected by the LastPass breach where I stored my Raivo encryption key. To continue using Raivo I would have to perform multiple, time-consuming steps to update the 2FA for all of my accounts:

Install a different authenticator app

Update 2FA for all of my accounts on the new authenticator app

Sign out of Raivo

Delete the synchronisation file (not even sure how to do this)

Log in to Raivo

Create a new encryption password

Go back to update 2FA on all the previous sites with the new Raivo account

Describe the solution you'd like Allow users to create and manage additional accounts/vaults with separate encryption keys on the Raivo app. Users can open/collapse accounts/vaults in the Raivo app to reveal/hide TOTPs.

Describe alternatives you've considered I'm not aware of any other authenticator app that has this feature. The workarounds to this could be:

Install multiple authenticator apps each assigned to a separate entity. Kind of confusing to keep track of which authenticator app should be used when.

Switch to physical security keys, but same problem as above where it's confusing to keep track of in addition to the added inconvenience of carrying them around and risk of misplacing them.

Additional context This feature would also allow users to more easily migrate their existing TOTPs on Raivo to a new Raivo account in fewer steps. This would be particularly useful for users affected by data breaches such as the ones that occurred at LastPass in the past few months.
Feature request
opened by ThaiGQ 0
Ability to sync across multiple devices / accounts defined within Apple Family Sharing

Is your feature request related to a problem? Please describe. As a family with multiple iOS devices and various accounts shared across family members, we need the ability to share TOTPs across those family members defined by our Apple account family organizer.

Describe the solution you'd like Upon a new installation, provide the ability to register the device with the family organizer. If approved, all devices would then sync their TOTP database across all approved devices. Also, as the family organizer, there should be the ability to remove devices (or other accounts within the family) from the sync.

Describe alternatives you've considered I am not aware of any other alternative (other than another authenticator app).
Feature request

opened by Landshark77 1
OTP Font Color Toggle

Is your feature request related to a problem? Please describe. This is not related to a problem. When using dark mode I find it harder to read the red font for the OTP codes.

Describe the solution you'd like It would be nice to have a color toggle for the OTP codes, to toggle from the red color to white or grey.

Describe alternatives you've considered Having a dark/ light theme toggle for the app specifically could alleviate the issue, without having to change the theme system wide.
Feature request

opened by zackaryssmith 0
Migrate from Authy to Ravio doesn't protect from Authy breach
Describe the bug When you migrate from Authy to Ravio following this link, the same QR codes will stick work with Authy. If Authy were to suffer from a breach like LastPass or if hacker tricks Authy customer agent then Ravio wouldn't help since the hacker can access user codes through Authy.

https://tij.me/blog/migrating-your-one-time-passwords-from-authy-to-raivo-otp/

To Reproduce Steps to reproduce the behavior:

Go to https://tij.me/blog/migrating-your-one-time-passwords-from-authy-to-raivo-otp/

Expected behavior The migration page should mention this danger and instead advocate users to create new tokens altogether instead of re-using the ones from Authy. When web applications create new tokens then the ones on Authy automatically expire and are no longer vulnerable.
Bug
opened by xuhu55 0
Optional Master Password Reminder

Is your feature request related to a problem? Please describe. No, it's not related to a problem. I would like there to be optional periodic reminders asking you for your master password so that you can enter them which helps to remember the password. The reason is because I use a very strong and totally random master password that I memorize. However I need to constantly use it to recall it. I'm not willing to re-use a master password with other applications for obvious reasons so there needs to be a way for me remember it. Memory is safer than writing on paper which can get stolen or lost.

Describe the solution you'd like I would like for there to be an option to have periodic reminders to enter your master password so that you can remember it through re-use. It's optional so users can close out of the reminder when it pops up or change settings so that it doesn't pop up.

Describe alternatives you've considered An acceptable alternative is to have the user be given an option to enter the master password everytime on login. Although this is overkill, it would be acceptable for me.

Additional context Authy periodically asks for your master password when using the app so you keep it fresh in your head. Once you enter it in, you are either happy that you remembered your password or it's incorrect and you realize you'll need to get the password again
Feature request

opened by xuhu55 0

Releases(build-70)

build-70(Dec 27, 2022)
Improvement(s):

Added new donation options.

Removed MacOS as runtime target.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-69(Dec 11, 2022)
Fixed bug(s):

Deadlock if TestFlight build expired and new version not yet released to the public (#191).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-68(Sep 11, 2022)
New feature(s):

Pin passwords to the top of the list (#9).

Donate section in settings screen.

Improvement(s):

Use AES-encryption for ZIP-archives (#153).

Fixed bug(s):

Alternate icons are now working on iPadOS (#161).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-67(Aug 21, 2022)
Bug fixe(s):

Password strength check during in iCloud recovery.

Infinite passcode rate-limit after device reboot.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-65(Aug 19, 2022)
Improvement(s):

Two new app icons (Pelican & Halo) that can be selected in the settings tab.

Fixed security issue(s):

Security issue with reference #1673423 reported via HackerOne.

Security issue with reference #1673469 reported via HackerOne.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-64(Aug 2, 2022)
Improvement(s):

Migrated issuer icon repository to GitHub pages with automated deployments.

Migrated support website to GitHub pages with automated deployments.

Applied website design to HTML file in ZIP-archive export.

Added explanation to offline sync status in settings.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-62(Jul 25, 2022)
Improvement(s):

ZIP archive export screen was partially blank when viewed on an iPad.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-61(Jul 22, 2022)
New feature(s):

Possibility to hide previous OTP (#125, thanks for this contribution @timskkim).

Improvement(s):

Explanation to enable iCloud Drive in setup (#64).

Changed springboard name from "Raivo OTP" to "Raivo" (#91).

Fixed bug(s):

ZIP-archive export broken since last update (#134).

ZIP-archive couldn't be extracted if it contained weird characters (#59).

Unable to scan QR-codes in dark mode (#137).

Unable to scan QR-codes with spaces in paths (#141).

App looks for QR-code after entering details manually (#142).

White icons not visible in light mode (#136).

Cannot configure iCloud sync when accessibility zoom is enabled (#43).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-60(Jan 29, 2022)
Improvement(s):

Migrated to MongoDBs' latest Realm framework

Migrated Valet to remove deprecated Keychain calls

Migrated unit-tests from TravisCI to Github Actions

Fixed bug(s):

In some cases encrypted AES-encrypted archives could not be extracted.

Side effect(s):

Increased deployment target from iOS 13 to iOS 14.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-58(Jan 23, 2022)
Improvement(s):

URI encoding in QR code URI generation.

Error handling in OTP QR code scan user story.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-59(Jan 23, 2022)
This is a TestFlight build for testing purposes with end-users.

Fixed bug(s):

Searching passwords could inverse the order (#76).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-57(Jan 23, 2022)
This is a TestFlight build for testing purposes with end-users.

Improvement(s):

Updated most of the dependencies to the latest version.

Fixed bug(s):

QR codes could sometimes not be read by other apps (#98).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-53(Sep 8, 2021)
Improvement(s):

Migrated from CocoaPods to Swift Package Manager

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-52(Sep 5, 2021)
Improvement(s):

Better error handling while working with the MacOS receiver.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-50(Sep 1, 2021)
New feature(s):

Compatibility for the upcoming MacOS receiver

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-39(Aug 15, 2021)
Fixed bug(s):

Prevented error on empty otpauth:// URI click

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-38(Aug 14, 2021)
New feature(s):

Possibility to change the app icon.

Improvement(s):

Force clear of icon cache on refresh click.

Show icon names in icon selection view.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-37(Jun 13, 2021)
New feature(s):

Changelog button in settings screen.

Fixed bug(s):

Loading state not dismissed after archive export (#48).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-36(Jun 8, 2021)
Improvement(s):

Sync status is now shown in the settings screen (#30).

Fixed bug(s):

Missing capital in title of setup screen.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-35(Jun 7, 2021)
Improvement(s):

New ZIP-archive export in SwiftUI that allows local backups (#24).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-34(Jun 7, 2021)
Fixed bug(s):

Content in HTML and JSON export did not match (#45).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-33(Jan 25, 2021)
Improvement(s):

Third party keyboards are disabled throughout the entire application (#27).

Fixed bug(s):

Raivo OTP could crash when tapping the bottom search button while adding a password manually.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-32(Jan 18, 2021)
Improvement(s):

Show extra context for "Personal iCloud" account (#26).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-31(Jan 18, 2021)
This is a TestFlight build for testing purposes with end-users.

New feature(s):

Support for iPadOS (#18).

Fixed bug(s):

Fixed invalid icon URL in HTML file in ZIP-archive export.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-30(Jan 17, 2021)
This is a TestFlight build for testing purposes with end-users.

Fixed bug(s):

Biometric unlock was not always allowed after the inactivity lock triggered (#25).

A malicious OTP issuer could trigger Cross-Site Scripting in the HTML file of the ZIP-archive export (#31).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-29(Feb 1, 2020)
New feature(s):

Support for otpauth:// link clicks (#14).

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-28(Jan 30, 2020)
This is a TestFlight build for testing purposes with end-users.

Improvement(s):

Smaller alert and notification banners.

Some color changes for dark mode.

More user friendly 'change passcode' flow.

Fixed bug(s):

The 'no results' password search page was not centered vertically.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-27(Jan 28, 2020)
This is a TestFlight build for testing purposes with end-users.

Improvement(s):

ZIP archive export now contains icons.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-26(Jan 28, 2020)
This is a TestFlight build for testing purposes with end-users.

Fixed bug(s):

Views had an incorrect offset if the keyboard was presented.

ZIP archive export failed in some cases.

FaceID could trigger multiple times.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)
build-25(Nov 27, 2019)
This is a TestFlight build for testing purposes with end-users.

Improvement(s):

Banner/alert icons are now animated.

Fixed bug(s):

FaceID/TouchID support was not detected in some cases.

Various spelling mistakes.

Please note that some versions have not been marked as a public release since they only contain development improvements.
Source code(tar.gz)
Source code(zip)