# beemdevelopment/aegis

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/beemdevelopment-aegis).**

12,613 stars · 545 forks · Java · GPL-3.0

## Links

- GitHub: https://github.com/beemdevelopment/Aegis
- Homepage: https://getaegis.app
- awesome-repositories: https://awesome-repositories.com/repository/beemdevelopment-aegis.md

## Topics

`2fa` `android` `authenticator` `encryption` `fingerprint` `hotp` `otp` `secure` `totp`

## Description

Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services.

The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated security codes.

To support data recovery and portability, the platform provides encrypted backup capabilities and facilitates synchronization with remote storage providers using end-to-end encryption. It also supports standardized data schemas for importing and exporting token databases, allowing for interoperability when migrating security records between different applications.

## Tags

### Security & Cryptography

- [Credential Vaults](https://awesome-repositories.com/f/security-cryptography/credential-vaults.md) — Functions as a local-first credential vault for storing and managing sensitive authentication secrets.
- [Multi-Factor Authentication](https://awesome-repositories.com/f/security-cryptography/multi-factor-authentication.md) — Manages and generates time-based security codes locally for multi-factor authentication across various services.
- [One-Time Passwords](https://awesome-repositories.com/f/security-cryptography/one-time-passwords.md) — Generates time-based one-time passwords for two-factor authentication within a secure mobile application.
- [Two-Factor Authentication](https://awesome-repositories.com/f/security-cryptography/two-factor-authentication.md) — Generates time-based and counter-based security codes to verify user identity across online services. ([source](https://getaegis.app))
- [Authenticated Encryption](https://awesome-repositories.com/f/security-cryptography/authenticated-encryption.md) — Protects stored authentication databases using authenticated symmetric encryption to ensure data integrity and confidentiality at rest.
- [Encrypted Backups](https://awesome-repositories.com/f/security-cryptography/encrypted-backups.md) — Creates encrypted copies of security tokens to ensure data recovery and protection against device loss. ([source](https://getaegis.app))
- [Biometric Authentication](https://awesome-repositories.com/f/security-cryptography/biometric-authentication.md) — Secures access to the local credential vault by integrating with native system-level biometric authentication APIs.
- [Hardware-Backed Security](https://awesome-repositories.com/f/security-cryptography/hardware-backed-security.md) — Leverages secure enclaves and hardware security modules to protect cryptographic keys from unauthorized system access.
- [Sensitive Data Access Controls](https://awesome-repositories.com/f/security-cryptography/sensitive-data-access-controls.md) — Enforces access controls on stored tokens by requiring biometric or password verification for retrieval. ([source](https://getaegis.app))
- [End-To-End Encryption Systems](https://awesome-repositories.com/f/security-cryptography/cryptography/end-to-end-encryption-systems.md) — Facilitates secure cross-device recovery by synchronizing encrypted data blobs to remote storage providers.

### Part of an Awesome List

- [Security & Privacy](https://awesome-repositories.com/f/awesome-lists/security/security-privacy.md) — Secure manager for two-step verification tokens.

### Data & Databases

- [Local-First Persistence](https://awesome-repositories.com/f/data-databases/data-engineering-infrastructure/data-persistence-storage/data-storage/client-side-persistence/local-first-persistence.md) — Maintains security tokens in local storage to ensure authentication codes remain accessible during offline operation.
- [Database Migrations](https://awesome-repositories.com/f/data-databases/data-import/database-migrations.md) — Provides utilities for importing and exporting token databases to maintain account access when switching devices. ([source](https://getaegis.app))