TOTP Authenticator
SyVault includes a built-in TOTP authenticator, eliminating the need for a separate app like Google Authenticator or Authy. Your two-factor codes live alongside the login record they protect, fully encrypted in your vault.
Adding a TOTP Secret
There are two ways to add TOTP to a login record:
- QR Scan -- Click the Scan QR Code button in the TOTP field. On desktop, SyVault captures the QR code from your screen. On mobile, it opens the camera.
- Manual Entry -- Paste the secret key directly into the TOTP field if the site provides a text-based setup key.
Once added, the TOTP section appears on the record detail view.
Using TOTP Codes
- Codes auto-refresh every 30 seconds. A circular countdown timer shows remaining time before the next rotation.
- Click the code or press the copy icon to copy it to your clipboard. The clipboard is automatically cleared after 30 seconds.
- During autofill, SyVault can fill the TOTP code into the second-factor prompt automatically when domain matching succeeds.
Offline Support
TOTP generation is performed entirely on-device using the stored secret and your system clock. No network connection is required. This means your codes remain available even without internet access.
Make sure your device clock is accurate. TOTP codes depend on time synchronization -- a drift of more than 30 seconds can cause codes to be rejected.
Security
The TOTP secret is stored encrypted alongside the parent login record using the same zero-knowledge envelope. It is never sent to SyVault servers in plaintext. When you remove a TOTP entry, the secret is permanently erased from the vault.
Storing your TOTP secrets in the same vault as your passwords trades some defense-in-depth for convenience. For highest-security accounts, consider keeping TOTP on a separate hardware key.