Proton has unveiled Proton Authenticator, a free and open-source two-factor authentication (2FA) app that works across mobile and desktop platforms, offering encrypted backups, seamless sync, and a privacy-first alternative to Big Tech's authentication tools.
The new app was developed by the same team behind Proton Mail, Proton VPN, and Proton Pass, privacy-focused services known for their robust encryption and transparent practices. With the release of Proton Authenticator, the company extends its mission of putting user security and privacy first into the 2FA space, positioning the app as an alternative to Google Authenticator and Microsoft Authenticator, which are often criticized for closed-source codebases and user data lock-in.
Two-factor authentication is widely considered one of the most effective defenses against account takeovers, which have surged in recent years and contributed to billions in global cybercrime losses. Traditional 2FA apps generate time-based one-time passwords (TOTPs) used alongside usernames and passwords to secure access to online services. However, many popular options on the market are closed-source, monetized through ads, and lack encrypted backups or export capabilities, issues Proton is aiming to fix with its new offering.
Proton Authenticator introduces several user-first features rarely found in a single package:
- Full cross-platform availability (iOS, Android, Windows, macOS, Linux)
- End-to-end encrypted sync between devices
- Automatic encrypted backups
- Offline functionality
- Biometric or PIN-based app locking
- Easy import/export of existing 2FA tokens
- Fully open-source codebase with no tracking or ads
These features make Proton Authenticator particularly notable for users managing multiple devices or those looking to avoid data lock-in. Encrypted synchronization ensures that users can access their 2FA tokens on any of their devices without compromising security. The ability to import tokens from apps like Google Authenticator in seconds also lowers the friction of switching.
Eamonn Maguire, Head of Account Security at Proton, emphasized the universal need for strong authentication: “Two-factor authentication is essential for everyone—not just privacy enthusiasts. Proton Authenticator is for anyone who wants a secure, transparent, and convenient way to protect their accounts without relying on Google or Microsoft.”
While many 2FA users rely on SMS codes, these are vulnerable to SIM-swapping attacks. Time-based 2FA apps are inherently more secure because they generate codes that expire every 30 seconds and don't rely on a mobile network. By combining this security with a fully encrypted, open-source approach, Proton hopes to push the industry toward more transparent standards.
Proton Authenticator is now available for download on all major platforms. The source code can be reviewed on Proton’s GitHub repository once it becomes available (might take a few days), allowing the community to audit the firm’s claims.
Leave a Reply