A secure, lightweight browser extension for managing TOTP (Time-based One-Time Password) authentication codes with encrypted storage and PIN protection.
- π Encrypted Vault - All TOTP secrets are encrypted with AES-256-GCM using your PIN
- π± TOTP Generation - Generate time-based one-time passwords for two-factor authentication
- π PIN Protection - Secure your vault with a personal identification number
- πΎ Backup & Restore - Export your accounts for backup (PIN is not included)
- π¨ Dark/Light Theme - Choose your preferred color scheme
- π Auto-lock - Automatically lock vault after inactivity
- π Account Management - Add, edit, and delete TOTP accounts
- π Search - Quickly find accounts by issuer or label
- π Customizable Sorting - Sort accounts by date, issuer, or label
- Clone the repository:
git clone https://github.com/pov-pisal/AtomicAuthenticator.git
cd AtomicAuthenticator- Open Chrome/Brave/Edge and navigate to:
chrome://extensions/
-
Enable "Developer mode" (top right toggle)
-
Click "Load unpacked" and select the project folder
- Click the Atomic Authenticator extension icon
- Create a PIN (minimum 6 digits) and confirm it
- Start adding your TOTP accounts
- Click the "Add account" button
- Enter the TOTP secret (base32 encoded)
- Optionally add the issuer name and label
- Click "Save account"
Tip: You can paste otpauth:// URLs directly - the extension will parse them automatically!
- Your TOTP codes refresh every 30 seconds
- Click on an account to copy the code
- Codes are automatically removed from clipboard after a short delay
- Go to Settings β Backup
- Click "Export" tab
- Click "Copy to Clipboard" or "Download" to save your backup
- Note: Backups include only your accounts, not your PIN for security
- Go to Settings β Backup
- Click "Import" tab
- Paste your backup JSON
- Click "Import Backup" to restore accounts
βββ manifest.json # Chrome extension manifest
βββ popup.html # Main UI
βββ popup.css # Styling
βββ popup.js # Main logic & event handlers
βββ crypto.js # Encryption/decryption functions
βββ totp.js # TOTP generation & parsing
βββ storage.js # Browser storage interface
βββ contentScript.js # Content script for autofill
βββ import.html # Import page
βββ import.js # Import page logic
βββ icons/ # Extension icons (16x16, 32x32, 48x48, 128x128)
- End-to-End Encrypted - TOTP secrets encrypted with AES-256-GCM
- PIN-Protected - Your PIN never leaves your device
- No Server Communication - Completely offline, no cloud sync
- Secure Storage - Uses Chrome's
chrome.storage.syncfor encrypted local storage - Auto-lock - Configurable timeout to automatically lock the vault
- Algorithm: AES-256-GCM (NIST approved)
- Key Derivation: PBKDF2 with SHA-256
- Iterations: 100,000
- IV: Random 12-byte nonce
- Language: Vanilla JavaScript (ES6+)
- Storage: Chrome Storage API
- Encryption: Web Crypto API
- UI Framework: None (vanilla HTML/CSS)
- Build Tool: None required (load as unpacked extension)
None! This extension has zero external dependencies. It uses only:
- Chrome APIs
- Web Crypto API
- Browser Storage API
- Auto-lock after: Set how long before vault auto-locks (1 min - Never)
- Theme: Choose between Dark and Light modes
- Sort Accounts: Order by Newest, Oldest, Issuer (A-Z/Z-A), or Label (A-Z/Z-A)
- Change PIN: Update your vault PIN anytime
Contributions are welcome! Please feel free to submit a Pull Request.
This project is open source and available under the MIT License.
This extension is provided as-is. While security best practices have been implemented:
- Always keep your PIN secure and memorable (it cannot be recovered if lost)
- Back up your accounts regularly
- Test restore functionality with non-critical accounts first
Found a bug? Please open an issue on GitHub with:
- Steps to reproduce
- Expected behavior
- Actual behavior
- Browser version
For questions or issues, please open a GitHub issue.
Made with β€οΈ for secure authentication