4.6 out of 5 with 7 ratings

andOTP Reviews

about andOTP · · Helpful Not helpful 3 Helpful Report as spam

Unlike FreeOTP you can export/save/backup your database.

reply

about andOTP · · Helpful Not helpful 2 Helpful Report as spam

Great open source app.

The developer is working on a new app that will have more futures but it will take some time to release it.

reply

about andOTP · · Helpful Not helpful 1 Helpful Report as spam

The developer said:
"I sadly have to admit that the part about the crypto of andOTP being pretty bad is true. This is partially due to the fact that I had absolutely no clue about cryptography and very little coding experience when I forked it. In the beginning I just wanted to add backup functionality but then feature request kept comming in and it kind of snowballed from there. By the point I had enough experience to actually somewhat know what I was doing the code was already pretty bad, which is why I decided to rewrite everything from scratch rather than trying to fix it. Sadly I currently have basically no time to work on it, so this will have to wait."

Just wanted to explain the bad crypto a bit, now I'm off to download you app and play with it a bit. I'm glad to see that there are more open source 2FA alternatives emerging.


"I just want to follow up on this and add that I just now finished fixing the backup encryption. It now uses proper key derivation (PBKDF2 with random salt and iterations). The next release will include this fix. The second point, where the output of the PBKDF2 is split, is still the same. But as /u/beemdevelopment said, it's not nearly as bad as the backup stuff. This part of the code is also only used for the internal database, not for the backups, which should limit it's impact on security a bit (since getting your hands on the internal database file should be way harder than getting a backup file). Nevertheless it will be fixed at some point as well, I just don't have enough time to work on it right now."
(Source)

reply

about andOTP · · Helpful Not helpful 1 Helpful Report as spam

Pros:

  • app password protection
  • encrypted backup/restore
  • search between added items
  • tab on code to show it (protection from screen readers and somebody who can look at you phone screen)
  • open source

Much better than any other similar app!

reply

about andOTP · · Helpful Not helpful Report as spam

Highly configurable, allowing for manual entry or automatic from QR codes. Lots of icons for different applications/accounts. Able to backup!

reply

about andOTP · · Helpful Not helpful Report as spam

The best and opensource!!! Safe and fast!

reply

about andOTP · · Report as spam

excellent interface and firngerprint support

reply