Aegis Authenticator for Android (FOSS)


Thread author
Staff Member
Jan 8, 2011
Homepage: Aegis Authenticator - Brand new 2FA app for Android
Development: beemdevelopment/Aegis

Aegis Authenticator is a free, secure and open source app to manage your 2-step verification tokens for your online services.

  • AES-256 Encryption
  • Biometric unlock
  • Compatible with HOTP and TOTP algorithms
  • Groups (example; Personal, Work and Social)
  • Backups (export/import)

Play Store | Aegis Authenticator - Two Factor (2FA) app - Apps on Google Play
F-Droid | Aegis | F-Droid - Free and Open Source Android App Repository


Level 8
Jun 21, 2020
I switched from andOTP to Aegis Authenticator a little over a year go myself. Mainly for the features that Aegis offers additionally regarding the vault's encryption, it's unlocking and everything else is a nice thing to have at this point for me. A nice bonus on the side is that it looks more simplistic and better organized with some minor size customization features available. The tokens themselves are also encrypted, but i cant remember if andOTP also had that or not...

Most of the issues i had with it are probably fixed by now most likely. Essentially they do the same thing, though its nice that natively Aegis supports a dozen imports directly from both app-to-app (for example: Google, Authy, Microsoft and Steam) integration as well as token files. And for those few that use Blizzard Authentication there is a tutorial on their wiki beemdevelopment/Aegis/wiki#1-blizzard-authenticator to show how to get the app serial code for token transfer compatibility.

From the FAQ on the website: Aegis Authenticator - Brand new 2FA app for Android
  • What does your app offer that other 2FA apps do not?

    Compared to other 2FA apps, we think Aegis stands out in terms of its simplicity and security. Most popular apps like Google Authenticator and FreeOTP don't bother with additional security measures. They allow access to your tokens right after opening the app. Aegis, on the other hand, encrypts all of your tokens at rest and requires a password or the touch of a finger to decrypt them.

    Another important feature is the ability to export your tokens and import them into another device. Google Authenticator doesn't have this, which has not only annoyed users for years, but has also resulted in loss of access to lots accounts.

And andOTP has been in need for development help/contributions for a while now as well. The original maintainer of the app doesn't have as much time anymore to put into it which, for me personally, is fine. Though since i already switched i have more trust in the maintenance of Aegis, but that is a matter of preference if nothing else.
Help wanted:

I currently don't have that much time to spend developing andOTP, so any contributions are always welcome. Don't worry, I will still continue to develop andOTP it will just slow down from the incredible speed I had going in the beginning.

In short: they do the same thing, one just takes simplicity and functionality support a step further than the other. Cant go wrong with either, if you ask me. I just happen to prefer Aegis after having used both, albeit a far older version of andOTP as it's been over a year.

Edit: beemdevelopment/Aegis/blob/master/docs/vault - Explains the security design of the app and vault format in detail for those who understand and are interested in this.
Last edited: