Features

• No internet connection required: all client-side libraries are bundled and served locally.
• Light/Dark mode with system preference detection.
• PWA integration for installable mobile and desktop experience.
• Mobile-friendly responsive grid layout.
• Full TOTP CRUD: create, view, edit, and delete codes.
• TOTP code display with previous, current, and next time-step codes.
• Authelia proxy-based authentication.
• Encrypted storage at rest using AES-GCM-SIV (see Security).
• Row-level security (RLS) for per-user data isolation in PostgreSQL.
• OWASP security headers on all responses (HSTS, X-Frame-Options, etc.).
• Health check endpoint at /healthz/ready for orchestrator readiness probes.

Currently missing features

• Import/export all codes.

Screenshots