Keyring icon for iPhone

2FA Authenticator with Encrypted Backup & Restore

Generate TOTP codes on your iPhone, keep every token in an encrypted backup, and restore them all automatically on a new phone.

Coming soon to theApp Store
Keyring 2FA token list with countdown rings on iPhone

What is Keyring?

Keyring is a two-factor authentication app for iPhone. It generates standard TOTP and HOTP codes entirely on your device, stores every secret in the iOS Keychain behind Face ID, and lays your accounts out as calm white tiles with a quiet countdown ring — the code you need, found in a second.

The reason Keyring exists is the new-phone moment. Backup is built in: opt-in encrypted iCloud sync restores every token automatically on your next device, and a passphrase-protected export file gives you an escape hatch that works even without iCloud. Your codes are yours to keep and yours to move.

Adding accounts is fast — scan a QR code, paste an otpauth link, or type the secret by hand — and bulk import brings over your existing tokens from standard migration files. A home-screen widget and an Apple Watch complication put your most-used codes a glance away.

Features

Codes generated on-device

Standard TOTP and HOTP codes computed locally per RFC 6238 and 4226. Secrets never leave your device unencrypted.

Encrypted backup and restore

Opt-in iCloud sync restores every token automatically on a new iPhone, and a passphrase-wrapped encrypted export file works as a manual escape hatch.

Instant search

Type to filter across issuers and custom labels — including Unicode and CJK names — and find one code among dozens on a locked-down deadline.

Fast account setup

Scan a QR code with the camera, paste an otpauth link, or enter a secret manually. Bulk import reads standard migration and backup files.

Tap to copy

A big tap target copies the current code instantly, with a live countdown ring showing exactly how long it stays valid.

Widget and Apple Watch

A home-screen widget and a Watch complication surface your most-used codes without opening the app.

How it works

Add your accounts

Scan each service's QR code, paste an otpauth link, or import your existing tokens in bulk from a standard migration file.

Unlock with Face ID

Secrets are stored in the iOS Keychain and the app opens with Face ID or your passcode, so codes are visible only to you.

Copy the code you need

Search by name, tap the tile, and the current code is on your clipboard. The countdown ring shows the seconds it has left.

Turn on backup

Enable encrypted iCloud sync so a future iPhone restores everything automatically — and keep an encrypted export file as a manual fallback.

Frequently Asked Questions

What is a TOTP authenticator app and how does it work?

A TOTP app holds a shared secret for each account and uses it to compute a short code that changes every 30 seconds, following the RFC 6238 standard. When a website asks for your two-factor code, you read the current value from the app. Keyring computes these codes entirely on your iPhone — no server involved — and shows a countdown ring so you know how long each code remains valid.

How do I transfer my 2FA codes to a new iPhone?

The tokens have to move with their secrets, which is where most people get burned — codes do not transfer with a basic phone migration unless the authenticator supports it. With Keyring's encrypted iCloud sync turned on, signing into iCloud on the new phone restores every token automatically. If you prefer a manual route, the passphrase-protected export file can be moved and imported like any document.

What happens to my two-factor codes if I lose my phone?

Without a backup, the secrets are gone and you must recover each account through its own reset process — which can take days per service. Keyring is built to make that scenario a non-event: encrypted iCloud sync means a replacement iPhone gets every token back, and the encrypted export file covers you even if you leave the ecosystem. It is still wise to keep each service's recovery codes somewhere safe.

How do I back up my authenticator codes?

Keyring offers two paths. Encrypted iCloud sync stores tokens in your private iCloud, protected so that only your devices can read them, and restores automatically on a new phone. Separately, you can create a manual export file wrapped with a passphrase you choose — a self-contained backup you can keep in any storage you trust.

Is it safe to store 2FA codes in iCloud?

Keyring's sync is opt-in and end-to-end protected: secrets are encrypted before they leave the device, live in your private iCloud database, and are unreadable without your own devices and credentials. On the phone itself, secrets sit in the iOS Keychain gated by Face ID or your passcode. If you prefer, you can skip sync entirely and rely on the encrypted export file.

Can I export my 2FA tokens out of the app?

Yes, at any time. Keyring produces a passphrase-encrypted export file containing all your tokens, which you can store or move wherever you like and re-import later. You are never locked in: the export path exists precisely so your access to your own accounts never depends on any one app or cloud.

How do I add an account to an authenticator app?

Most services show a QR code when you enable two-factor authentication in their security settings. In Keyring you scan that code with the camera and the account appears with its issuer name filled in. If there is no QR code, you can paste an otpauth link or type the secret key manually — all three end up as the same standard token.

Can I import my existing codes from another authenticator?

Yes. Keyring reads standard otpauth migration files and encrypted backup exports, bringing your accounts over in bulk instead of one QR scan at a time. Issuer names, labels, and settings carry across, so a switch takes minutes even with dozens of accounts.

Do authenticator apps work offline?

Yes — that is one of their core advantages over SMS codes. TOTP codes are computed from the stored secret and the current time, so no network is needed at all. Keyring generates codes in airplane mode, abroad without a data plan, or anywhere else your phone has a clock.

What is the difference between SMS codes and an authenticator app?

SMS delivers a code over the phone network, which can be intercepted or hijacked through SIM-swap attacks and fails without signal. An authenticator app computes the code on the device from a secret that never travels, making it both more secure and available offline. Security guidance broadly recommends app-based codes over SMS where a service offers both.

Can I see my 2FA codes on my Apple Watch?

Yes. Keyring includes an Apple Watch complication and a home-screen widget so your most-used codes are a glance away during a login. Both are shipped and maintained as first-class parts of the app, not afterthoughts.

How do I find one code quickly when I have dozens of accounts?

Keyring's search filters as you type, matching issuer names and your own custom labels, including names written in any script. You can also reorder tiles and label accounts however you think of them — so the code you need during a checkout is two keystrokes away, not a scroll through a wall of entries.

Get Keyring for iPhone

Set up your codes once — and never dread a new phone again.

Coming soon to theApp Store

More apps by the same developer

KitlineSundialBezelRowNestDriftwoodQuillSigmakeyMedical Records