Two-factor authentication stops the vast majority of automated account takeover attacks. Even SMS 2FA — the weakest form — is enough to defeat most credential stuffing campaigns because attackers are running at scale and move on when they hit friction. But if you're a targeted individual, SMS has real weaknesses (SIM swapping, SS7 interception), and TOTP apps themselves can be phished with a real-time relay attack. Understanding these distinctions changes which tool you should reach for.
The short version: use passkeys or hardware keys (FIDO2) for your most important accounts — email, banking, GitHub, anything where a takeover is catastrophic. Use a good TOTP app for everything else. The choice of TOTP app matters less for security than for recovery — what happens when you lose your phone.
How TOTP actually works — and where it fails
Every TOTP app does the same fundamental thing. When you enroll a service, it gives you a seed (secret key) — usually a QR code. Your app stores that seed and uses it with the current timestamp to generate a fresh 6-digit code every 30 seconds. The service does the same math and checks if your code matches.
The seed is the sensitive part. Whoever has it can generate valid codes. This is why local storage (Aegis) or end-to-end encrypted sync (Ente Auth) matters — you're protecting that seed from anyone who compromises the storage layer.
The phishing weakness: TOTP codes can be captured in real time. A convincing fake login page captures your password and your TOTP code simultaneously, then replays them to the real service before the 30-second window expires. This attack is not theoretical — it's used against high-value targets regularly. FIDO2/passkeys fix this by cryptographically verifying you're on the real domain. A fake site cannot complete authentication because the keys won't match. Use FIDO2 for anything you can't afford to lose.
Aegis Authenticator
Aegis is the best TOTP app for Android users who want maximum local control. Open source, no cloud, no account required, no telemetry. Your TOTP secrets are stored on-device in an AES-256-GCM encrypted vault protected by a password you set. The secrets never leave your device unless you explicitly export them.
The import/export story is excellent — Aegis can import tokens from Google Authenticator, Authy, FreeOTP, and Microsoft Authenticator without re-enrolling each service. Export options include encrypted JSON (for backup), plaintext JSON, and URI format. No lock-in.
The recovery risk is the tradeoff: if you lose your phone without a backup, you're locked out of every account. Aegis doesn't sync anywhere — recovery depends entirely on your encrypted backup file being somewhere safe. Set this up the day you install it. Export the encrypted backup, store it in your password manager or an encrypted drive. If you skip this step, you will regret it.
iOS users: Aegis is Android-only. The equivalent for iOS is Raivo (open source, local storage) or Ente Auth for cross-platform.
Ente Auth
Ente Auth solves the recovery problem Aegis leaves open. It's fully open source with end-to-end encrypted cloud sync — your seeds are encrypted client-side before they ever leave your device, and Ente's servers see only ciphertext. It works on Android, iOS, Windows, Mac, Linux, and web.
If you lose your phone, you reinstall Ente Auth on a new device, enter your credentials and recovery key, and your codes are back immediately. No waiting, no manual re-enrollment across 40 services. For anyone who values recovery speed — particularly people who can't afford downtime — this is a significant practical advantage over local-only apps.
The tradeoff versus Aegis: your trust model now includes Ente's E2E encryption implementation, not just your own device. Ente has been audited and the code is public, but you're depending on their cryptography being sound. For most users this is an entirely reasonable tradeoff. For the most paranoid threat models, local-only storage (Aegis) with manual backups keeps you in full control.
Authy — what happened and what to do
Authy was the dominant 2FA app for years. In 2026 it's a migration project, not a recommendation. Twilio (Authy's owner) discontinued the desktop app in March 2024 and has reduced investment in the product. The mobile app still works, but the long-term trajectory is uncertain and the privacy model has always been weaker than alternatives — Authy requires a phone number and ties your tokens to that number, which is a SIM-swap attack surface.
If you're currently on Authy and it's working: you're not in immediate danger. But migrate to Ente Auth or Aegis when you have time. Authy supports export, and both Aegis and Ente Auth can import Authy tokens cleanly.
Hardware keys: YubiKey and FIDO2
Hardware security keys (YubiKey being the most common, though Google Titan and others exist) store your authentication credentials in tamper-resistant hardware. FIDO2/WebAuthn — the modern standard they use — is phishing-resistant by cryptographic design. The key generates a challenge response that proves you're on the real domain. A fake site gets nothing useful.
The practical setup for high-value accounts: enroll two hardware keys (one primary, one backup stored separately), plus a TOTP app as a fallback. Services like GitHub, Google, Apple, and most financial institutions support FIDO2 in 2026. Use it where it's available.
YubiKey 5 series ($50–$75) supports FIDO2, TOTP (via Yubico Authenticator), and several other protocols. The TOTP functionality is interesting — seeds are stored on the key itself rather than your phone, so your codes require physical key presence. For high-value accounts this adds meaningful friction to any remote attack.
2FA app comparison
| App | Storage | Open source | Cross-platform | Recovery | Verdict |
|---|---|---|---|---|---|
| Aegis | Local only | Yes | Android only | Manual backup file | Best for Android |
| Ente Auth | E2E encrypted cloud | Yes | All platforms | Instant via recovery key | Best cross-platform |
| Authy | Proprietary cloud | No | Mobile only (2026) | Phone number tied | Migrate away |
| Google Authenticator | Google account sync | No | Mobile only | Via Google account | Acceptable, not recommended |
| YubiKey (FIDO2) | Hardware | Partially | Universal | Backup key required | Best for high-value accounts |
The practical setup
For most people, the right setup is: Ente Auth for daily TOTP across all services, plus a YubiKey enrolled on your email, GitHub, and any financial accounts that support FIDO2. Ente covers recovery and cross-device convenience; the hardware key covers the accounts where you can't afford to be phished.
If you're Android-only and comfortable managing backups manually: Aegis plus a YubiKey for critical accounts is a cleaner, more private setup.
Whatever you choose: save your backup codes. Every service gives you recovery codes when you enroll 2FA. Store them in your password manager. This is the single most common failure mode — people set up 2FA, lose their authenticator, and discover they never saved the backup codes. Don't be that person.
Bottom line
TOTP apps all generate the same codes — the difference is where your secrets live and how you recover them. Ente Auth is the recommendation for most people in 2026: open source, E2E encrypted, cross-platform, and instant recovery. Aegis is the better choice if you're Android-only and want local control. Add a hardware key for your most important accounts regardless of which TOTP app you choose — FIDO2 is the only genuinely phishing-resistant second factor available to consumers.