🔒 Privacy First

Privacy Policy

AuthGuard – 2FA Authenticator Chrome Extension

Last updated: May 2025

Our Core Promise

AuthGuard operates 100% offline. Your authenticator secrets and generated codes never leave your browser. We collect zero personal data.

🚫

No Servers

All computation is local

📵

No Tracking

Zero analytics or telemetry

🔐

Local Storage

Stored only in your browser

1. Information We Collect

AuthGuard does not collect, transmit, or store any information on external servers. All data stays on your device.

Data Stored Locally (on your device only)

Account names: Labels you provide when saving an account (e.g., "Google - john@example.com")
TOTP Secret Keys: The Base32-encoded secret keys you enter, stored in chrome.storage.local
Preferences: UI preferences such as color themes

This data is stored exclusively in your browser's local storage and is never transmitted anywhere.

2. How the Extension Works

AuthGuard implements the TOTP algorithm (RFC 6238 / RFC 4226) entirely within your browser:

TOTP codes are generated using the Web Crypto API built into your browser
No network requests are made during code generation
The extension works fully offline after installation
Codes are cryptographically derived from your secret key and the current timestamp

3. Data Sharing

We do not share, sell, rent, or disclose your data to any third party. There are no third-party SDKs, analytics libraries, or advertising networks integrated into AuthGuard.

4. Permissions Used

storage – To save your accounts locally in your browser
clipboardWrite – To copy generated OTP codes to your clipboard when you click "Copy"
alarms – To update the extension badge with the time remaining until code refresh

We do not request permissions to read your clipboard, access websites, or read any browser data.

5. Data Security

Your secret keys are stored using Chrome's built-in chrome.storage.local API, which is sandboxed to the extension and inaccessible to websites or other extensions. For additional security, consider enabling Chrome's sync encryption if you use Chrome Sync.

6. Children's Privacy

AuthGuard does not knowingly collect any information from children under the age of 13. The extension collects no personal data from any user of any age.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected in the extension's Chrome Web Store listing. The "Last updated" date at the top of this page will be revised accordingly.

8. Contact

If you have any questions about this Privacy Policy or AuthGuard, please reach out via the Chrome Web Store support page.

Developer: AuthGuard Extension Team

Support: Via Chrome Web Store listing

Data Requests: As no personal data is collected, there is no personal data to request, modify, or delete.