Proton Introduces End‑to‑End Encrypted Open‑Source 2FA App Across Windows, macOS, Linux, iOS, and Android
What Happened — Proton released a free, open‑source two‑factor authentication (2FA) application that generates time‑based one‑time passwords (TOTP) locally and offers optional end‑to‑end encrypted synchronization via a Proton account. The app runs on all major desktop and mobile platforms and supports import/export from existing authenticator tools.
Why It Matters for TPRM —
- Provides a privacy‑first alternative to commercial authenticator apps, some of which collect usage or account telemetry.
- Encrypted sync means TOTP seeds are encrypted on the device before upload, so a compromise of the sync service or the provider's servers does not expose them; codes are computed offline from the stored seed, so neither seed nor code crosses the network during authentication.
- Open‑source code allows independent verification of the encryption and code‑generation claims, which supports vendor due‑diligence assessments.
Who Is Affected — Enterprises and service providers that rely on TOTP‑based MFA, especially those with strict data‑privacy or compliance requirements (e.g., finance, healthcare, government).
Recommended Actions —
- Evaluate Proton Authenticator as a replacement for, or supplement to, existing 2FA solutions.
- Verify that the shipped builds correspond to the published open‑source repository, and review the code or commission a third‑party audit before approving it.
- Update MFA policies to require a PIN or biometric app lock and to state whether encrypted cloud sync of TOTP seeds is permitted and on what terms.
Technical Notes — The app generates standard six‑digit, 30‑second TOTP codes (RFC 6238) locally and can sync encrypted vaults via a Proton account using client‑side encryption. No network connectivity is required for code generation. It supports QR‑code enrollment, import from Google Authenticator, Aegis, and Bitwarden, and export for backup; an exported backup contains the seeds themselves and must be protected accordingly. Source: https://www.helpnetsecurity.com/2026/04/06/product-showcase-proton-authenticator-encrypted-open-source-2fa-app/