Skip to main content

OTP Authenticator

LockYit includes a built-in authenticator for storing and generating one-time passwords (OTP).

What is OTP?

OTP (One-Time Password) codes are temporary 6-digit codes used for two-factor authentication (2FA). Instead of using a separate authenticator app, you can store and generate these codes directly in LockYit.

Adding an OTP Entry

Method 1: Scan QR Code

  1. Go to OTP screen
  2. Click or tap + Add OTP
  3. Click or tap Scan to ensure that you are on the QR code scanning screen
  4. Click or tap on the camera_alt Start Scanning button
  5. Point your camera at the QR code provided by the service
  6. The entry is automatically created

Method 2: Manual Entry

If you can't scan a QR code:

  1. Click or tap + Add OTP
  2. Select Manual
  3. Enter the details:
    • Title: Service name (e.g., "Google")
    • Account: Your account email/username
    • Secret Key: The alphanumeric key provided by the service
  4. Click or tap Save

Viewing OTP Codes

  1. Open the OTP section
  2. See all your authenticator entries
  3. Each entry shows:
    • Service name and account
    • A visibility toggle icon to hide/show the OTP code
  4. On making the OTP code visible, you will see
    • Current 6-digit code
    • Countdown timer until next code
    • A copy icon to copy the OTP code to the clipboard
    • A hide icon to hide the OTP code

Using OTP Codes

When a service asks for your authenticator code do the following.

  1. Open LockYit → OTP
  2. Find the service
  3. Read the current code. Refer to viewing OTP codes on how to see the code.
  4. Enter it on the website/app before the timer expires
Quick Copy on the same device

Click or tap the code to copy it to your clipboard instantly. Then paste it into the service's login screen.

Code Refresh

OTP codes change every 30 seconds. The countdown timer shows how long you have in seconds until the next code comes up.

If the code changes before you enter it, just use the new one.

Security

Your OTP secrets are stored with the same encryption as all other vault items:

  • AES-256-GCM encryption
  • Local storage only
  • Protected by your master password

Backing up OTP Codes

LockYit includes your OTP secret keys in your vault backups, and the CSV export file.

  • CSV Export: Your OTP secrets are exported in the otp_uri column. You can re-import them via CSV Import.
  • Security Warning: Since CSV exports are unencrypted, your OTP seeds will be visible in the file. Keep the export file secure.

Migrating from Other Apps

Moving from Google Authenticator, Authy, or another app?

  1. Go to the old app's settings
  2. Look for "Export" or "Transfer codes"
  3. Scan the QR codes with LockYit one by one
warning

When removing entries from your old authenticator, make sure they're working in LockYit first!

You can also choose to retain the codes in the old authenticator for a while, to be sure that you have it working in LockYit correctly.

Troubleshooting

Code Not Working?

  1. Check the time - Your device clock must be accurate
  2. Check the account - Make sure you're using the right entry
  3. Wait for refresh - Try the next code if this one is about to expire

Time Sync Issues

OTP codes are time-based. If your device clock is off by more than 30 seconds, codes won't work.

  1. Go to your device Settings
  2. Find Date & Time
  3. Enable the option to set the time automatically