ente Auth

2FA is one of the most effective things you can do for your online security. Even if someone steals your password, they still can't get in without the second factor: a six-digit code that rotates every thirty seconds. The problem isn't 2FA itself. It's that most of the popular apps for generating those codes were built by companies that have no business being inside your security setup.

ente Auth is one of the exceptions. It's free, fully open source, and backs up your codes with end-to-end encryption(E2EE). Meaning ente can't read them and neither can anyone else should they get access to ente's servers. It works on every platform, syncs across unlimited devices, and if you'd rather not use the cloud at all, you can run it entirely locally without creating an account. That being said, by not creating an account you lose access to backups.

Do you really need a separate 2FA app if your password manager already handles TOTP(time-based one-time password)?

Both Proton Pass and Bitwarden can generate 2FA codes for you, which is convenient. But keeping your passwords and your 2FA codes in the same app creates a single point of failure. If someone gets into your password manager, they also get your second factor code. Using a separate 2FA app means an attacker needs to compromise two different apps on two different systems that are protected by two different passwords. For almost all accounts that's a level of separation worth having.

What makes ente Auth worth using

The E2EE backup is what sets it apart from most of the alternatives. Your codes get encrypted on your device before they ever leave it. It uses the same audited cryptography ente uses for their photo product. ente holds the backup but not the key. If you lose your phone you just log in on a new device and your codes are all there.

You can tag and search your codes, pin the ones you use most, add notes (also end-to-end encrypted), and import from other apps via QR code or bulk file. Export works the same way. You're never locked in.

It also does one thing most apps miss: it shows you the next code before the current one expires. Small thing, but it removes the frustrating wait when you're mid-login and the code flips.

One thing worth noting: ente Technologies is incorporated in the United States, which has broader government data request powers than somewhere like Switzerland or Iceland. In practice, this matters less than it would for a service that holds readable data. Because ente's encryption is zero-knowledge and audited there's nothing useful for them to hand over, even if compelled.

Is ente Auth the right choice?

If you want a 2FA app that works across all your devices, won't lock you in, and keeps your codes backed up in a way that even no one but you can read, it's the right pick. It's free, actively maintained, and meaningfully more trustworthy than the mainstream options that people default to. The only reason to look elsewhere is if you don't want your codes backed up to a server, in which case Aegis on Android is the better fit.

What to avoid

Authy used to be the standard recommendation for multi-device sync, and if you're already using it you don't need to panic. But don't choose it fresh in 2026 and consider moving away from it. It's closed source, owned by Twilio, and in 2024 attackers accessed 33 million phone numbers through the Authy API. There's also no clean export path, which means once you're in, getting out is painful. If you're currently using Authy and would like some help migrating to something more secure send me an email at hello@unlogged.is and I would be happy to help

Google Authenticator added cloud backup in 2023, but it's not end-to-end encrypted. Google can read your TOTP secrets, and for a company whose core business is advertising, that's not a company you really want holding your security codes.

Microsoft Authenticator is fine for corporate environments where IT manages everything centrally, but for personal use it collects telemetry, is closed source, and is designed to pull you deeper into the Microsoft ecosystem.