andOTP
andOTP is a two-factor authentication App for Android 4.4+
- Free • Open Source
- Authenticator App
- Password Manager
- QR Code Reader
- Android
- Android Tablet
Summary
Our users have written 8 comments and reviews about andOTP, and it has gotten 73 likes
- Developed by Jakob Nixdorf
- Open Source and Free product.
- Average rating of 4.6
- 32 alternatives listed
Popular alternatives
View allRecent user activities on andOTP
- headlines thinks Aegis Authenticator is an alternative to andOTP
- bendavidi liked andOTPbe
- alexjj added oneatuh as an alternative to andOTPal
Unlike FreeOTP you can export/save/backup your database.
Great open source app.
The developer is working on a new app that will have more futures but it will take some time to release it.
The developer said:
"I sadly have to admit that the part about the crypto of andOTP being pretty bad is true. This is partially due to the fact that I had absolutely no clue about cryptography and very little coding experience when I forked it. In the beginning I just wanted to add backup functionality but then feature request kept comming in and it kind of snowballed from there. By the point I had enough experience to actually somewhat know what I was doing the code was already pretty bad, which is why I decided to rewrite everything from scratch rather than trying to fix it. Sadly I currently have basically no time to work on it, so this will have to wait."
Just wanted to explain the bad crypto a bit, now I'm off to download you app and play with it a bit. I'm glad to see that there are more open source 2FA alternatives emerging.
"I just want to follow up on this and add that I just now finished fixing the backup encryption. It now uses proper key derivation (PBKDF2 with random salt and iterations). The next release will include this fix. The second point, where the output of the PBKDF2 is split, is still the same. But as /u/beemdevelopment said, it's not nearly as bad as the backup stuff. This part of the code is also only used for the internal database, not for the backups, which should limit it's impact on security a bit (since getting your hands on the internal database file should be way harder than getting a backup file). Nevertheless it will be fixed at some point as well, I just don't have enough time to work on it right now."
(Source)
Moved from Authy to andOTP, and I'm glad I did.
Pros:
• Everything is saved locally (no cloud backup)
• Beautiful UI
• Encrypted backup
Con:
• I need to remember to keep an additional backup of andOTP backup somewhere other than my phone
Highly configurable, allowing for manual entry or automatic from QR codes. Lots of icons for different applications/accounts. Able to backup!
Pros:
Much better than any other similar app!
The best and opensource!!! Safe and fast!