A secure, transparent, and high-performance two-factor authentication extension built from the ground up with 100% visible and auditable source code. No black boxes, no telemetry, no compromises.
Master key derivation using Argon2id via WebAssembly. State-of-the-art hashing resistance against GPU and ASIC brute-force attacks.
Your secrets never leave your device unencrypted. We use AES-256-GCM (Authenticated Encryption with Associated Data) to keep your vault completely secure.
Store an end-to-end encrypted backup directly in your hidden Google Drive App Data folder. Only you possess the decryption password.
No telemetry, no external tracking, no forced cloud sync. R2D2 works completely offline to generate your 2FA codes reliably and securely.
Every line of code is open-source. Zero third-party dependencies or external libraries that could be compromised.
Having issues with 2FA codes due to clock drift? R2D2 automatically synchronizes with server time securely to fix validation errors.