✦ v0.1.1 — Open Source

A secure, zero-knowledge desktop 2FA authenticator

Your TOTP secrets encrypted with AES-256-GCM. The key never leaves your device.

OtpVault — My Accounts
+
GitHub
github.com
482 139
Google
google.com
719 482
Microsoft
microsoft.com
203 847
Twitter
twitter.com
556 291

Built with security in mind

Every layer of OtpVault is designed to keep your secrets safe — from encryption to infrastructure.

🔒

Zero-Knowledge Encryption

Your vault is encrypted with AES-256-GCM before leaving your device. The encryption key is derived from your password using Argon2id and is never transmitted to any server.

☁️

Encrypted Cloud Backup

Your encrypted vault is automatically backed up to the cloud when you sign up or unlock. Sign in with the same email on any device to restore your codes — the server never sees plaintext data.

Blazing Fast & Lightweight

Built with Rust and Tauri, OtpVault uses a fraction of the RAM of Electron-based apps. It launches instantly, runs efficiently, and stays out of your way.

How it Works

Get started in three simple steps.

1

Create Your Encrypted Vault

Sign up with your email and password. Your password never leaves your device — it's used to derive your encryption key locally.

2

Add Your Accounts

Scan QR codes using your camera, upload a QR image, or enter the secret key manually. Supports SHA1/SHA256/SHA512, 6-8 digits, and custom step intervals.

3

Sync Securely to the Cloud

Your encrypted vault syncs automatically with Supabase. No unencrypted data ever touches the cloud — just seamless access across devices.

100% Open Source

Transparency you can trust. Every line of code is public and auditable.

MIT
License
Public
Source
CI/CD
Transparent Builds

OtpVault is open-source software under the MIT license. The entire build pipeline runs on GitHub Actions — from source to signed MSI installer. Anyone can verify that the binary matches the published source code, guaranteeing no hidden backdoors or tampering.

View on GitHub