beemdevelopment / Aegis

A free, secure and open source app for Android to manage your 2-step verification tokens.
https://getaegis.app
GNU General Public License v3.0
9.26k stars 388 forks source link
2fa android authenticator encryption fingerprint hotp otp secure totp

<img align="left" width="80" height="80" src="metadata/en-US/images/icon.png" alt="App icon">

Aegis Authenticator


Build Crowdin Donate Matrix

Aegis Authenticator is a free, secure and open source 2FA app for Android. It aims to provide a secure authenticator for your online services, while also including some features missing in existing authenticator apps, like proper encryption and backups. Aegis supports HOTP and TOTP, making it compatible with thousands of services.

For a list of frequently asked questions, please check out the FAQ.

The security design of the app and the vault format is described in detail in this document.

Features

Screenshots

<img width=200 alt="Screenshot 1" src="metadata/en-US/images/phoneScreenshots/screenshot1.png?raw=true"> <img width=200 alt="Screenshot 2" src="metadata/en-US/images/phoneScreenshots/screenshot2.png?raw=true"> <img width=200 alt="Screenshot 3" src="metadata/en-US/images/phoneScreenshots/screenshot3.png?raw=true"> <img width=200 alt="Screenshot 4" src="metadata/en-US/images/phoneScreenshots/screenshot4.png?raw=true">

<img width=200 alt="Screenshot 5" src="metadata/en-US/images/phoneScreenshots/screenshot5.png?raw=true"> <img width=200 alt="Screenshot 6" src="metadata/en-US/images/phoneScreenshots/screenshot6.png?raw=true"> <img width=200 alt="Screenshot 7" src="metadata/en-US/images/phoneScreenshots/screenshot7.png?raw=true"> <img width=200 alt="Screenshot 8" src="metadata/en-US/images/phoneScreenshots/screenshot8.png?raw=true">

Downloads

Aegis is available on the Google Play Store and on F-Droid.

<img height=80 alt="Get it on Google Play" src="https://play.google.com/intl/en_us/badges/images/generic/en-play-badge.png" /> <img height="80" alt="Get it on F-Droid" src="https://fdroid.gitlab.io/artwork/badge/get-it-on.png" />

Verification

APK releases on Google Play and GitHub are signed using the same key. They can be verified using apksigner:

apksigner verify --print-certs --verbose aegis.apk

The output should look like:

Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true

The certificate fingerprints should correspond to the ones listed below:

Owner: CN=Beem Development
Issuer: CN=Beem Development
Serial number: 172380c
Valid from: Sat Feb 09 14:05:49 CET 2019 until: Wed Feb 03 14:05:49 CET 2044
Certificate fingerprints:
   MD5:  AA:EE:86:DB:C7:B8:88:9F:1F:C9:D0:7A:EC:37:36:32
   SHA1: 59:FB:63:B7:1F:CE:95:74:6C:EB:1E:1A:CB:2C:2E:45:E5:FF:13:50
   SHA256: C6:DB:80:A8:E1:4E:52:30:C1:DE:84:15:EF:82:0D:13:DC:90:1D:8F:E3:3C:F3:AC:B5:7B:68:62:D8:58:A8:23

Icon packs

Aegis supports icon packs to make it easier to assign icons to the entries in your vault. There are no official icon packs, but the community maintains a number of third-party icon packs you may want to check out. To learn how to create your own Aegis-compatible icon pack, see the documentation.

* The icons are automatically generated, so not all of them are as high quality as the ones you'll find in aegis-icons.

Contributing

Looking to contribute to Aegis? That's great! There are a couple of ways to help out. Translations, bug reports and pull requests are all greatly appreciated. Please refer to our contributing guidelines to get started.

Swing by our Matrix room to interact with other contributors: #aegis:matrix.org.

License

This project is licensed under the GNU General Public License v3.0. See the LICENSE file for details.

A couple of libraries vendored in Aegis' repository are licensed under a different license: