# 2FA Authenticator Apps in 2026: Which Ones Actually Protect You
Not all authenticator apps are equal. Some back up your seeds to the cloud. Some track usage. We compared Aegis, Authy, Google Authenticator, Ente Auth, and Raivo on privacy, security, and what happens when you lose your phone.
_You didn't ask Google to store your 2FA seeds on its servers. It did it anyway._

Every time you log into your bank, your email, your crypto exchange, a small six-digit code stands between your account and everyone who wants in. That code is generated by an authenticator app: a TOTP token generator that derives a one-time password from a shared secret and the current time.

The question rarely asked: who holds your secrets? Because the "shared secret" (the seed, the cryptographic key that generates every single one of your 2FA codes) has to live somewhere. And where it lives determines who can access it, who can back it up, and who can hand it over when a government comes knocking.

We tested the six most popular authenticator apps on what actually matters: where your seeds are stored, whether the app is open source, what happens when you lose your phone, and what the company behind it can see.

## How TOTP Authenticator Apps Actually Work

Before comparing apps, you need to understand what is happening under the hood. Every authenticator app that generates six-digit codes uses the same algorithm: TOTP, defined in RFC 6238 by the
IETF in 2011. Here is the process:

1. You enable 2FA on a website. The site generates a random secret key (usually 160 bits, represented as a Base32 string: that is what the QR code you scan contains).
2. The secret is shared. Both the website's server and your authenticator app now hold the same secret. This is the seed. It never changes. It never expires. It is the single most sensitive piece of data in the entire 2FA chain.
3. Codes are generated locally. Your app combines the secret with the current Unix timestamp (divided into 30-second intervals), runs it through HMAC-SHA1, and truncates the result to six digits. This happens entirely on your device. No network request. No server call.
4. The server verifies. You type the code. The server runs the same calculation with the same secret and the same timestamp. If the codes match, you are in.

This means two things:

- Your authenticator app never needs internet access. The algorithm is purely local. Any app that requests network permissions is doing something beyond TOTP generation.
- The seed is equivalent to your account. Anyone who obtains your seed can generate valid 2FA codes indefinitely. They do not need your phone. They do not need a SIM. They just need the 16-character string encoded in that QR code.

Where that seed is stored is the entire security question.
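The four steps above, carried out in code. This is an added example, not code from the article or from any of the apps it compares. It parses an `otpauth://` enrollment URI (what the QR code actually contains), decodes the Base32 seed, derives a code with HMAC-SHA1 exactly as RFC 4226 and RFC 6238 specify, and shows the server-side check with a one-step tolerance window. The URI is constructed for the example; its secret is the RFC 6238 test-vector secret (`12345678901234567890` in Base32), so the codes it produces can be checked against the RFC's own table. Nothing in it touches the network, which is the whole point: a seed and a clock are all a code generator needs.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample: what an enrollment QR code decodes to. The secret is the
# RFC 6238 test-vector key "12345678901234567890" in Base32.
SAMPLE_URI = ("otpauth://totp/Example:alice%40example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")


def parse_otpauth_uri(uri: str) -> dict:
    """Step 1: pull the seed and parameters out of the otpauth:// URI."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not an otpauth TOTP URI")
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {
        "label": unquote(parts.path.lstrip("/")),
        "secret": params["secret"],
        "digits": int(params.get("digits", 6)),
        "period": int(params.get("period", 30)),
        "algorithm": params.get("algorithm", "SHA1").upper(),
    }


def decode_base32_secret(secret: str) -> bytes:
    """Base32 seeds are often displayed without padding or in lower case; normalise both."""
    s = secret.strip().replace(" ", "").upper()
    s += "=" * (-len(s) % 8)
    return base64.b32decode(s)


def hotp(key: bytes, counter: int, digits: int = 6, algorithm: str = "SHA1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), getattr(hashlib, algorithm.lower())).digest()
    offset = mac[-1] & 0x0F                      # low nibble of the last byte picks the window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: str, at: int, digits: int = 6, period: int = 30, algorithm: str = "SHA1") -> str:
    """Step 3 (RFC 6238): HOTP with the counter set to floor(unix_time / period).
    Purely local: seed + clock in, code out."""
    return hotp(decode_base32_secret(secret), at // period, digits, algorithm)


def code_from_uri(uri: str, at: int) -> str:
    """Steps 1-3 end to end: from QR contents to the six digits on screen."""
    p = parse_otpauth_uri(uri)
    return totp(p["secret"], at, p["digits"], p["period"], p["algorithm"])


def verify_totp(secret: str, code: str, at: int, window: int = 1,
                digits: int = 6, period: int = 30, algorithm: str = "SHA1") -> bool:
    """Step 4, server side: recompute for the current step and `window` steps either
    side to absorb clock skew. Every extra accepted step is extra time during which a
    code captured by a phishing page can still be replayed, so keep the window small."""
    for step in range(-window, window + 1):
        candidate = totp(secret, at + step * period, digits, period, algorithm)
        if hmac.compare_digest(candidate, code):   # constant-time comparison
            return True
    return False


if __name__ == "__main__":
    now = int(time.time())
    print("account:", parse_otpauth_uri(SAMPLE_URI)["label"])
    print("code right now:", code_from_uri(SAMPLE_URI, now))
    print("seconds until it rotates:", 30 - now % 30)
```

Anyone holding `SAMPLE_URI` can run this and produce the same codes as the enrolled phone, which is what "the seed is equivalent to your account" means in practice; the server cannot tell the two apart.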
## Comparison: The Six Most Popular Authenticator Apps

| App | Platform | Open Source | Cloud Sync | Privacy Rating |
| --- | --- | --- | --- | --- |
| Aegis | Android | Yes | No (local encrypted backup) | Best |
| Ente Auth | All | Yes | E2E encrypted | Best |
| Raivo | iOS | Yes | Optional (E2E encrypted) | Good |
| Authy | All | No | Yes (cloud) | Fair |
| Google Authenticator | All | No | Yes (Google account) | Fair |
| Microsoft Authenticator | All | No | Yes (Microsoft account) | Fair |

### Aegis (Android — Best for Privacy)

Aegis is the gold standard for Android users. It is
fully open source (GPLv3), audited, and available on F-Droid. Your TOTP seeds are stored in an encrypted vault on your device. The encryption key is derived from your password using Argon2id. There is no cloud backup, no account creation, no telemetry.

**What happens when you lose your phone:** If you exported an encrypted backup to another device or storage medium, you can restore. If you did not, your seeds are gone. This is a feature, not a bug: the data exists only where you put it.

**Strengths:**
- No internet permissions — the app physically cannot phone home
- Encrypted local backup with Argon2id key derivation
- Supports TOTP, HOTP, Steam Guard, and Yandex OTP formats
- Available on F-Droid (verifiable builds)
- Biometric unlock for the vault

**Weaknesses:**
- Android only — no iOS version
- No cloud sync means you must manage your own backups
- Less polished UI than commercial alternatives

If you use Android and want the most privacy-respecting authenticator, Aegis is the answer. Period.

### Ente Auth (Cross-Platform — Best Overall)

Ente Auth is the only cross-platform open source
authenticator with end-to-end encrypted sync. Your seeds are encrypted on your device before they leave it, using a key derived from your password. Ente's servers see only ciphertext. The app is available on iOS, Android, macOS, Windows, and Linux.

**What happens when you lose your phone:** Your seeds are synced to Ente's encrypted cloud. Install the app on a new device, log in, and your tokens appear. The server never sees your plaintext seeds.

**Strengths:**
- Fully open source (GPLv3) with reproducible builds
- End-to-end encrypted sync across all platforms
- No email required — you can create an account with just a username and password
- Offline mode works without any network connection
- Free tier available

**Weaknesses:**
- Smaller team than Google or Microsoft — less institutional audit history
- Relatively new compared to incumbents (founded 2022)
- Encrypted sync requires you to remember your password — no recovery without it

Ente Auth is the best option for people who need cross-platform sync without trusting Google, Microsoft, or Twilio with their seeds.

### Raivo OTP (iOS — Good, With Caveats)

Raivo OTP was the iOS answer
to Aegis — open source, local-first, with optional encrypted cloud backup via iCloud or WebDAV. It was acquired by Mobime in 2023, which raised concerns in the privacy community about the new owner's intentions and data practices.

The app remains open source on GitHub, but the acquisition introduced uncertainty. Mobime has not been transparent about revenue sources or long-term plans. The app itself still works as advertised, and the code is still auditable.

**What happens when you lose your phone:** If you enabled iCloud or WebDAV backup, you can restore. If not, your seeds are gone.

**Strengths:**
- Open source (MIT license)
- Optional encrypted backup to iCloud or WebDAV
- Supports TOTP, HOTP, and Steam Guard

**Weaknesses:**
- Acquired by Mobime — uncertain future and ownership transparency
- iOS only
- Less active development since the acquisition

Raivo is still a reasonable choice for iOS users who want local-first storage, but the acquisition means you should monitor the project for any changes to permissions, telemetry, or data handling.

### Authy (Cross-Platform — Convenient but Closed Source)

Authy, owned by Twilio (now The Telecom Company), was
the first authenticator app to popularize encrypted cloud backup. It works on iOS and Android, and until August 2024 it also ran on Windows, macOS, and Linux. Your seeds are backed up to Twilio's servers, encrypted with a password you choose.

The problem: Authy is closed source. You cannot verify what data Twilio collects, how they handle your seeds, or whether the encryption implementation is correct. You are trusting a telecom company — an industry not known for privacy — with the keys to every account you own.

Authy also discontinued its desktop app and Apple Watch app in August 2024, forcing users onto mobile-only. The company has shown it will remove platforms at will, leaving users stranded.

**What happens when you lose your phone:** Log in on a new device with your phone number and backup password. Your seeds sync from Twilio's cloud. This is convenient — but it means Twilio holds an encrypted copy of every seed you have.

**Strengths:**
- Encrypted cloud backup is convenient
- Cross-platform (mobile only now)
- Supports TOTP and Twilio proprietary formats

**Weaknesses:**
- Closed source — no way to audit encryption or data collection
- Phone number required for account creation (links your 2FA identity to your phone number, which is itself an attack vector)
- Twilio can see metadata: which accounts you have, when you add tokens, when you log in
- Desktop app killed in 2024 with short notice
- No export function — you cannot easily leave Authy (though community tools exist to extract seeds)

Authy is better than SMS. But "better than SMS" is a low bar.

### Google Authenticator (Cross-Platform — The Default That Got Worse)

Google Authenticator
was the original TOTP app. For years, it was the simplest option: scan a QR code, get codes. No account. No cloud. No tracking. Seeds lived on your device and only your device.

In April 2023, Google added cloud sync via your Google account. This means your seeds are now uploaded to Google's servers. Google claims the data is encrypted, but security researchers at Mysk found that the sync was not end-to-end encrypted at launch — Google could access the seeds stored on its servers. Google later added end-to-end encryption, but the incident exposed a fundamental problem: Google changed the security model of an app that millions of people chose specifically because it did not sync to the cloud.

And it is closed source. You cannot verify what Google collects.

**What happens when you lose your phone:** If cloud sync is enabled, your seeds are restored when you sign into your Google account on a new device. If you disabled sync (which you can still do in settings), your seeds are gone.

**Strengths:**
- Simple, familiar interface
- Available on iOS and Android
- Cloud sync is convenient if you trust Google

**Weaknesses:**
- Closed source — no way to verify encryption or data handling
- Cloud sync was added without end-to-end encryption initially
- Seeds stored on Google servers are accessible to Google and subject to government data requests (Google received over 150,000 government data requests in 2025)
- No export function on iOS (Android has limited export)
- Google's entire business model is data collection — handing it the keys to every 2FA-protected account is an unnecessary concentration of risk

If you use Google Authenticator, disable cloud sync immediately and export your seeds to a more trustworthy app.

### Microsoft Authenticator (Cross-Platform — Enterprise Default)

Microsoft Authenticator
is the default choice in corporate environments because of deep integration with Microsoft 365 and Azure AD. It supports TOTP, push notifications for Microsoft accounts, and passwordless login.

Like Google's app, it is closed source. Your seeds sync to your Microsoft account. Microsoft's privacy disclosure is extensive and permits broad data collection for "product improvement."

**What happens when you lose your phone:** Restore from your Microsoft account backup. Encrypted, but not end-to-end — Microsoft holds the keys.

**Strengths:**
- Deep integration with Microsoft enterprise products
- Supports push-based approval for Microsoft accounts (faster than TOTP)
- Available on iOS and Android

**Weaknesses:**
- Closed source
- Seeds synced to Microsoft servers (not end-to-end encrypted)
- Microsoft's data collection practices are extensive
- Push-based approvals are vulnerable to MFA fatigue attacks — Microsoft added number matching as a mitigation, but the attack vector remains

Fine for enterprise compliance. Not recommended for personal use.

## Why SMS 2FA Is Not 2FA

If you are still receiving 2FA codes via SMS, you are not using two-factor authentication. You are using "something you know plus something your phone company can redirect to someone else."

NIST Special Publication 800-63B, published in 2017, explicitly deprecated SMS as an out-of-band authentication method. The reason: SIM swapping.

A SIM swap attack works like this:

1. An attacker gathers your personal information (phone number, email, date of birth — all available from data broker databases that have been breached repeatedly).
2. The attacker contacts your mobile carrier, impersonates you, and requests a SIM transfer to a new device.
3. The carrier — often a minimum-wage customer service representative with inadequate verification procedures — approves the transfer.
4. Your phone loses service. The attacker's phone now receives your calls and texts, including every 2FA code sent via SMS.
5. The attacker logs into your accounts using your password (obtained from a breach database) and the 2FA code arriving on their phone.

The FCC reported that
SIM swap complaints increased 400% between 2021 and 2025. Cryptocurrency accounts, email, and banking are the primary targets. Attackers have stolen millions of dollars through SIM swaps that took minutes to execute.

SMS 2FA is security theater. Switch to an authenticator app. Today.

## The Recovery Code Problem

Every service that offers 2FA also provides recovery codes — those 16-character
strings printed when you first enable 2FA. Most people save them in a note on their phone (which defeats the purpose) or ignore them entirely.

Here is the reality: your recovery codes are as powerful as your 2FA seeds. Anyone with a recovery code can bypass 2FA entirely. They are single-use on most services, but if someone obtains them before you use them, they have full access.

Best practices for recovery codes:

- Print them. Paper does not get hacked, phished, or accidentally uploaded to a cloud service.
- Store them separately. If your authenticator app is on your phone, your printed recovery codes should not be in the same bag as your phone.
- Use a dedicated offline password manager. Tools like KeePassXC store encrypted databases locally. Put your recovery codes in one.
- Never store them in the same cloud account you are protecting. A Google Doc with your Gmail recovery codes is a single point of failure.

## Hardware Keys: The Step Beyond Authenticator Apps

Authenticator apps protect against SIM swapping and most phishing. They do not
protect against sophisticated phishing attacks where a fake login page intercepts both your password and your TOTP code in real time — the code is valid for 30 seconds, which is plenty of time for an attacker to relay it.

Hardware security keys (YubiKey, Nitrokey, SoloKeys) use the FIDO2/WebAuthn protocol, which is phishing-resistant by design. The key verifies the domain of the site you are logging into. A fake site will have a different domain, and the key will refuse to authenticate.

For high-value accounts — your primary email, password manager, cryptocurrency
— a hardware key is worth the $25-$55 cost. Use the authenticator app as a backup.

## Migration Guide: Switching Authenticator Apps

Moving from one authenticator app to another requires re-enrolling each account individually. There is no universal export format (though some apps support partial export).

Step-by-step:

1. Before you start, ensure you have recovery codes for every account. If something goes wrong during migration, these are your lifeline.
2. Install the new app alongside the old one. Do not delete the old app until you have verified every account works on the new app.
3. For each account:
   - Log into the service
   - Disable 2FA
   - Re-enable 2FA
   - Scan the new QR code with your new authenticator app
   - Verify the new app generates valid codes
   - Save any new recovery codes
4. Test every account before deleting the old app.
5. Delete the old app only after confirming all accounts work.

This is tedious. It is supposed to be. If migrating were trivial, stealing your
seeds would be trivial too.

## Which App Should You Use

**Android:** Aegis. No contest. Open source, no cloud, encrypted local backup, no internet permissions. Install from F-Droid for verifiable builds.

**iOS:** Ente Auth. Open source with end-to-end encrypted sync. Raivo is an alternative if you want local-only storage, but the Mobime acquisition makes its long-term future uncertain.

**Cross-platform:** Ente Auth. The only open source option with E2E encrypted sync across all platforms.

**Enterprise:** Whatever your IT department mandates. You probably do not have a choice. Use a personal authenticator app for personal accounts.

**Avoid:**
- Google Authenticator — closed source, seeds synced to Google servers
- Microsoft Authenticator — closed source, seeds synced to Microsoft servers
- Authy — closed source, phone number required, no export
- Any app that requests unnecessary permissions (camera for QR scanning is fine; contacts, location, and network access are not)

The six-digit code on your screen looks the same regardless of which app
generated it. The difference is what happens to the seed that generates it — who stores it, who can access it, and who gets it when a government sends a data request. Choose accordingly.

---

_You didn't ask these companies to hold the keys to every account you own. They took them anyway. Use an app that respects your secrets — or at least one where you can verify that it does._

---

Related Reading:

- Client-Side Encryption Guide
- De-Google Playbook
- Browser Fingerprinting Defense
- Complete Data Deletion Guide