Adding Factors

Add 2FA tokens to FactorCat by scanning QR codes, entering secrets manually, or letting the browser extension detect MFA setup pages automatically.

Updated

There are three ways to add factors to FactorCat: scan a QR code, enter the secret manually, or let the browser extension detect it for you. For migrating from another authenticator, see Importing Factors.

Scan a QR code

The fastest way to add a factor:

  1. Open the FactorCat mobile app
  2. Tap + (add factor)
  3. Point your camera at the QR code shown by the service you’re setting up 2FA for
  4. FactorCat reads the otpauth:// URI from the QR code and captures the service name, account, secret, and TOTP parameters automatically
  5. Choose which vault to store it in — Cloud Vault or Locked Vault
  6. Tap Save

The factor appears in your list with a live TOTP code immediately.

Manual entry

If you can’t scan the QR code (maybe you’re setting up from the same phone, or the service provides a text secret instead of a QR):

  1. Open the FactorCat mobile app
  2. Tap + > Enter manually
  3. Fill in:
    • Service name — the name of the service (e.g., “GitHub”)
    • Account — your username or email on that service
    • Secret — the base32 secret provided by the service
    • Algorithm, digits, period — usually TOTP defaults (SHA-1, 6 digits, 30 seconds). Only change these if the service specifies non-standard values.
  4. Choose your vault
  5. Tap Save

Extension detection (automatic)

When you visit a site’s MFA setup page in your browser, the FactorCat extension can detect it:

  1. Navigate to the 2FA setup page on any supported service
  2. The service shows a QR code for you to scan with an authenticator
  3. The FactorCat extension detects the setup page and shows a prompt: “Add this factor to FactorCat?”
  4. Click to capture — the extension reads the QR code from the page and sends the factor details to your phone
  5. The factor is saved without needing to pick up your phone

This works on most sites that display a standard otpauth:// QR code during MFA setup. It won’t detect all sites — some use non-standard flows or don’t expose the QR code in a way the extension can read.

Choosing a vault during setup

When you add a factor (any method), you choose which vault to store it in:

  • Cloud Vault — cloud-managed encryption. Easy recovery, cross-device sync, no keys to manage. Best for most accounts.
  • Locked Vault — zero-knowledge encryption. You hold the master key. Best for high-security accounts.

You can move factors between vaults later if you change your mind.

Importing in bulk

If you’re switching from another authenticator and have many factors to move, individual QR scanning would take a while. FactorCat supports bulk import from Google Authenticator (via export QR), Authy (via re-enrollment), and manual URI/CSV files. See Importing Factors for the full guide.

After adding your first factor, pair your phone and browser to start using push approval and auto-fill.

Secure your accounts with FactorCat

Auto-fill MFA codes in your browser. Free for up to 50 factors.

Get started free See platforms