To greatly simplify an inconvenient two-factor authentication procedure for your favorite on-line services. Our solution is especially helpful for services that require entering one-time passwords at every login session (e.g., Twitter, WordPress, Amazon Web Services, Rackspace, GitHub, etc.).
One-time passwords generated by application or received via SMS are encoded and embedded into an audio notification signal, which is picked up by your desktop PC or notebook microphone. Internet connection is not needed.
First of all, each one-time password is only valid for a short period of time (usually, about 30 seconds), so any hacker would have to use it within 30 seconds. Besides, a hacker would also have to know your main login and password. In addition, we offer OTP encryption (please enable it in your mobile app and extension settings), which makes acoustic signal recording absolutely useless for any alleged hacker.
No. The acoustic signals travel only across short distances and do not transmit outside of your room environment, so it is inherently more secure than Bluetooth or WiFi radio.
If you are worried that you may be in the same room as an alleged hacker (who may also know your login/password), then you should take steps to enable an additional OTP encryption in your app and browser extension settings. After that, no one will be able to decrypt your one-time password.
Don't worry, we never send anything anywhere. Actually, for transferring one-time password from your mobile device to your desktop browser, we don't need an internet connection at all. You can check it by disabling the internet on your mobile device and even on your desktop PC. Your one-time password will be delivered anyway. Moreover, we don't use any mobile/web analytics software (such as Google Analytics, Flurry, or anything else) – not in our mobile apps, nor in our browser extensions! Therefore, we don't know anything about our user. That's why we need your explicit feedback to improve our solutions. So please give us your feedback. E-mail us at email@example.com or use the feedback forms on our web-site.
The mobile application uses an internet connection only to synchronize an internal timer that is used for one-time password generation (as with Google Authenticator or other similar apps). Unfortunately, if we disable this function your OTP generator may de-synchronize and will generate incorrect one-time passwords.
Check the manual. If you still experience problems, please contact us at firstname.lastname@example.org
It is easy. Check the manual here. Don't forget to use the same password in your mobile app and your browser extension.
Contact us at email@example.com.