OTP Autofill Authenticator

About

Tired of reaching for your phone every time a site asks for a 2FA code? OTP Autofill Authenticator generates TOTP codes right in Chrome and types them into the verification screen for you — securely.

HOW IT WORKS
1. Add your accounts: scan a QR code (on any page or from an image file), paste an otpauth:// link, or type the secret manually.
2. Log in as usual. The extension detects the 2FA screen and fills the right code for the right account — it even remembers which email you used on each site, so two-step flows pick the correct account automatically.
3. The first time on a new site you approve it with one click. After that, codes fill automatically — but only on sites you approved.

SECURITY FIRST
• Optional master password: your secrets are encrypted at rest with AES-256-GCM (PBKDF2-SHA256, 600,000 iterations). Unlock once per browser session, with optional auto-lock.
• Secrets never touch web pages: pages only ever receive a single 6-digit code, and only on domains you approved. Cross-site iframes get nothing.
• Anti-phishing matching: an account tied to github.com will never fill on github.evil.com.
• Encrypted, passphrase-protected backups — plaintext export only behind an explicit warning.
• Copied codes are wiped from your clipboard after 45 seconds.
• 100% local: no servers, no sign-up, no telemetry, no analytics. Open source.

WORKS EVERYWHERE
• Single code fields, 6-box grids, and hidden-input OTP widgets
• Shadow DOM and single-page apps
• Two-step logins (email first, code later) — even when the OTP screen shows no email field
• Keyboard shortcut: Ctrl+Shift+9

IMPORT / EXPORT
• otpauth:// URIs, JSON, QR codes, Google Authenticator-style per-account QRs
• Duplicate-aware import with override
• Encrypted backup file you can restore on any machine

OPEN SOURCE
Code, issues and security notes: https://github.com/deivid11/otp-autofill-chrome-extension