Your 2FA codes are only as useful as they are safe
Security is the foundation el2FA was built on — not a feature we bolted on later. Every decision we make starts with one question: does this keep your codes protected?
How we think about protecting your codes
Three principles guide every security decision we make. They're simple, and they're non-negotiable.
Encrypted at every step
Your codes are encrypted on your device before they're synced anywhere. They stay encrypted in transit and at rest on our servers. We never see your codes in plain text — not during sync, not in storage, not ever. Think of it like sealing a letter before handing it to the postal service. We deliver it, but we can't read it.
No single point of failure
Personal authenticator apps put all your eggs in one basket — one phone, one person. If that phone is lost, stolen, or the person leaves, you're locked out. el2FA distributes access across your team with proper controls. No one device and no one person holds all the keys. Your team's access is resilient by design.
You stay in control
Granular permissions let you decide exactly who can see which codes. Revoke access instantly when someone changes roles or leaves the team. Full audit logs give you complete visibility into who accessed what and when. You're never guessing about the security of your accounts.
Recovery built into the architecture
- Lost a device? Your codes are safe. Your 2FA codes are always recoverable through your team workspace. A lost or broken phone doesn't mean lost access. Log in from another device and everything is right where you left it.
- Team member left? No problem. When someone leaves, revoke their access and move on. The codes stay with the team, not the individual. No frantic password resets. No waiting for someone to hand over their phone.
- Recovery doesn't compromise security. Recovery isn't a workaround — it's built into the architecture. Your codes remain encrypted throughout the recovery process. Getting back in doesn't mean opening a back door.
- Compare that to personal authenticator apps. With Google Authenticator, losing your phone means losing everything. Recovery codes get lost. Backup processes are manual and fragile. For a team, that's not a minor inconvenience — it's a business risk.
- Save your recovery codes — they cannot be replaced. Because your codes are encrypted on your device, el2FA cannot decrypt them on your behalf. Recovery codes are the key to your personal vault if you ever lose access. If you lose both your password and your recovery codes, your personal codes cannot be recovered — by you or by us. Store them somewhere safe: printed, in a password manager, or with trusted people.
- Shared vaults are always recoverable. Codes stored in a shared team vault can always be restored by any team admin — no recovery codes needed. The team itself acts as a safety net. This is one reason shared vaults are recommended for business-critical accounts.
How the encryption works
Plain-English explanation of what happens to your data — no jargon required. We use AES-256-GCM encryption and X25519 key exchange, the same standards used by Signal and WhatsApp.
Your key never leaves your device
Argon2id derives your encryption key locally from your password. We receive a separate authentication token — never your key. Your password never reaches our servers, which means we genuinely cannot decrypt your data even if we wanted to.
Each member gets their own encrypted copy
Vault keys are encrypted individually for each member using asymmetric cryptography. Adding or removing someone doesn't expose the key to anyone else. Each person holds only their own copy — encrypted specifically for them.
Revocation is cryptographic, not just a database row
When you remove someone, the vault key is rotated. Their old copy cannot decrypt the new ciphertext. This is not a permission flag that could be bypassed — the mathematics of encryption makes their access permanently invalid.
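The per-member wrapping and rotate-on-removal scheme described in the two sections above can be sketched with Node's built-in crypto module. This is an added example, not el2FA's code: the function names, the ephemeral-key wrapping layout and the HKDF-SHA256 step are assumptions; only AES-256-GCM and X25519 come from the page.

```javascript
// Added illustration, not el2FA's code. All function names are hypothetical.
const crypto = require('node:crypto');

// AES-256-GCM with a fresh 96-bit nonce per message.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function open(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // throws on wrong key or tampering
}

// X25519 shared secret -> 32-byte wrapping key. HKDF-SHA256 is an assumption.
function wrappingKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'vault-key-wrap', 32));
}

// Encrypt the vault key to one member with an ephemeral X25519 key pair.
function wrapFor(memberPublicKey, vaultKey) {
  const eph = crypto.generateKeyPairSync('x25519');
  return { ephPub: eph.publicKey, box: seal(wrappingKey(eph.privateKey, memberPublicKey), vaultKey) };
}

function unwrap(memberPrivateKey, { ephPub, box }) {
  return open(wrappingKey(memberPrivateKey, ephPub), box);
}

// New random vault key, one wrapped copy per member, secret sealed under it.
function createVault(memberPublicKeys, secret) {
  const vaultKey = crypto.randomBytes(32);
  const wrapped = {};
  for (const [name, pub] of Object.entries(memberPublicKeys)) wrapped[name] = wrapFor(pub, vaultKey);
  return { wrapped, secret: seal(vaultKey, secret) };
}

// Removal = rotation: a remaining member decrypts, then everything is re-keyed
// without the removed member, who gets no copy of the new vault key.
function removeMember(vault, memberPublicKeys, removed, actor, actorPrivateKey) {
  const plain = open(unwrap(actorPrivateKey, vault.wrapped[actor]), vault.secret);
  const remaining = Object.fromEntries(
    Object.entries(memberPublicKeys).filter(([name]) => name !== removed));
  return createVault(remaining, plain);
}
```

Rotation protects ciphertext written after the removal; a TOTP seed the removed member already decrypted stays valid at the issuing service until that account's 2FA is re-enrolled.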
Access verified before every code
Our server issues short-lived access tokens (leases) before any code is shown. Remove someone and their codes disappear within minutes — even if they're offline. The app cannot display a code without a fresh lease, so revocation is always enforced in near real-time.
Questions you should be asking
If you're trusting a service with your 2FA codes, you deserve straight answers. Here they are.
Why should I trust el2FA over Google Authenticator?
Google Authenticator is a solid personal tool. But it was designed for one person on one device. It doesn't support team sharing, has no access controls, and if you lose your phone, recovery is painful. el2FA was purpose-built for teams — with encryption, shared vaults, instant access revocation, and recovery that actually works. You're not replacing security, you're adding collaboration on top of it.
Can el2FA employees see my codes?
No. Your codes are encrypted on your device before they ever reach our servers. We store encrypted data that we cannot decrypt. Our team has no way to view, read, or access your authenticator codes. This is by design, not by policy — the architecture makes it technically impossible.
What happens if el2FA goes down?
Your codes are cached locally on your devices. If our servers are temporarily unavailable, you can still access your codes from any device that has synced recently. We also maintain redundant infrastructure to minimize downtime. Your access to your accounts doesn't depend on our uptime.
Is my data stored in the cloud?
Yes, but only in encrypted form. Your codes are encrypted on your device before being synced to the cloud. What's stored on our servers is encrypted data that we cannot read. The cloud is what enables team sharing and multi-device sync — but your codes are never exposed in the process.
How is this different from a password manager?
Password managers store static credentials. el2FA manages time-based one-time passwords (TOTP) — the rotating 6-digit codes you use for two-factor authentication. These require a different approach: real-time code generation, time synchronization, and team-aware sharing. While some password managers offer basic 2FA features, el2FA is built specifically for this use case, with purpose-built sharing, recovery, and access controls that generic tools don't provide.
What happens if I lose my recovery codes?
If you lose your password and your recovery codes, your personal vault contents cannot be recovered — not by you, and not by us. This is the direct consequence of true end-to-end encryption: we don't hold your keys, so we can't unlock your vault for you. This is why we ask you to save your recovery codes carefully when you set up your account. For team vaults, recovery codes are not needed — any team admin can restore access.
What happens when someone is removed from a team vault?
Removing a member from a vault triggers a key rotation. The vault's encryption key is regenerated and all secrets are re-encrypted under the new key. The removed member's copy of the old key cannot decrypt anything new. Additionally, our access lease system means their codes disappear from the app within minutes of removal — even if they're currently offline. Revocation is cryptographic, not just a permission change.
Security shouldn't be a tradeoff for collaboration.
el2FA gives your team shared access to 2FA codes without compromising on protection. Try it free and see for yourself.
Start Your Free Trial
No credit card required · 14-day free trial on all paid plans