Android - Aegis Authenticator - 2FA open source

Aegis Authenticator, une application 2FA open source

I. Presentation

For several years, thetwo-factor authentication has become essential and the mobile is often used as a second authentication factor, whether to receive a code by SMS or to generate a single-use TOTP or HOTP code. For example, the TOTP method is to obtain a time-based one-time password.

On mobile, there are a lot of applications to generate these famous TOTP codes. First of all, we find applications from computer giants, such as Microsoft Authenticator and Google Authenticator, as well as applications from many publishers: Synology with Secure Signin, Sophos with Sophos Authenticator, Twilio with Authy, or even LastPass Authenticator.

We can also cite FreeOTP, published by Red Hat and whose source code is available on Github. Personally, I’m used to using FreeOTP and Microsoft Authenticator. Recently, an IT-Connect reader named Laurent M. and who will recognize himself made me discover Aegis Authenticator : a 2FA application that I tested, that I appreciated and that I decided to present to you!

II. Getting started with the Aegis Authenticator app

Aegis Authenticator is a mobile application that is used to generate one-time codes, and is therefore very useful for multi-factor authentication users. The particularity of the Aegis Authenticator application is that it is free, open source and that its source code is freely available on GitHub.

From a design and ergonomics point of view, the application is successful and easy to use. There are different graphic themes, including a light theme and a dark theme. I say this because it is important in the eyes of some! 😉 – The application is also multi-language, and it fully supports French. Entries can be added to a groupwhich allows you to organize your TOTP safe.

The “+” button allows you to add a new entry by scanning a QR code, an image or by manually entering the key associated with the authentication token. A search function makes it easy to find an account, and it is possible to sort the entries according to different criteria: alphabetically by account name, alphabetically by issuer or even by number of uses.

Aegis Authenticator offers the possibility to import credentials from other applications (FreeOTP, Google Authenticator, etc…) but this requires root access on the device, which is restrictive. Nevertheless, we have the possibility ofimport a file (TXT or JSON, for example) so justexport from source application and import data into Aegis. It’s good to know if you decide to test Aegis Authenticator and switch to this application.

Within applications of this type, security and the options offered are important. First of all, you should know that‘it is not possible to take screenshots of the applicationunless you activate the feature in the options: what I did in order to be able to illustrate my article.

The credentials contained in the Aegis vault are encrypted (AES-256)and to access its content, you must enter your master password or scan your biometric fingerprint. It’s both secure and convenient. When you use an encrypted safe (and only in this case), it is possible to create automatic backups on your smartphone storage.

Another possibility is that of hide codes when accessing the application to only reveal a code when pressed on the app interface. A little more.

Want to test the Aegis application? It is available on Android, both through the Google Play Store and F-Droid. Apple users meanwhile, will have to do without, as the app isn’t available on iOS and it doesn’t appear to be in the developers’ plans. Here are the download links:

Android – iOS,Android,Mobile,Sécurité,

#Aegis #Authenticator #une #application #2FA #open #source

Leave a Comment

Your email address will not be published. Required fields are marked *