Get started
FactorCat has three surfaces — a mobile app, a browser extension, and a web dashboard. They work together so you never copy a code again. Setup takes about 5 minutes.
How the pieces fit together
Mobile app
Stores your TOTP secrets. Receives push notifications. You approve or deny from here — the secrets never leave your phone.
Browser extension
Detects MFA fields on websites. Sends a push to your phone. When you approve, the code fills in automatically. Never holds secrets.
Web dashboard
Manage your account, vaults, sharing, and billing. Also where you can view codes directly if you don't have your phone.
You only sign in once — on the web or in the app. Everything else links automatically via your Google account, or by scanning a pairing QR code.
Choose your starting point
Add your first factor
Open FactorCat on your phone and tap +. Go to any service's security settings (like GitHub or Google), enable 2FA, and scan the QR code with FactorCat. Your factor is saved locally on your device.
You can use FactorCat as a standalone authenticator right now — no account needed. But to get auto-fill, keep going.
Install the browser extension
Add the FactorCat browser extension. It will open a tab to app.factorcat.com where you sign in with Google. This is the only sign-in in the entire setup.
Pair your phone
After signing in, the extension shows a QR code. Open FactorCat on your phone and scan it. Your phone inherits your account identity — no sign-in needed on the phone.
Already signed in on both? If you signed in with the same Google account on the app and the web, they're already linked — no QR scan needed. FactorCat connects them automatically.
Link your local factors
If you added factors before pairing, FactorCat will ask if you want to link them to your account. This enables cloud backup and auto-fill for those factors. You can also choose to keep them local-only.
Experience auto-fill
Visit a site where you've set up 2FA. The extension detects the MFA field, sends a push to your phone, and when you tap approve, the code fills in automatically. That's it — about 3 seconds.
Download the mobile app
Get FactorCat on your phone from the download page. The mobile app is where your TOTP secrets live and where you approve login requests.
Pair your phone
The web dashboard shows a pairing QR code. Open FactorCat on your phone and scan it. Your phone is now linked to your account — no sign-in needed on the phone.
Prefer to sign in on both? You can also sign in with the same Google account on the app. They'll link automatically — no QR scan needed.
Install the browser extension
Add the FactorCat browser extension. Since you're already signed in on the web, the extension picks up your session automatically. No second sign-in.
Add your first factor
Go to any service's security settings, enable 2FA, and scan the QR code with FactorCat on your phone. The factor is saved and synced to your account immediately.
Experience auto-fill
Visit the site where you just set up 2FA. The extension detects the MFA field, your phone gets a push, you tap approve, and the code fills in. About 3 seconds, start to finish.
What you can skip
FactorCat works at any level of setup. You don't need all three surfaces to get value.
Phone only (no account) — Works as a standalone authenticator. Add factors, view codes on your phone. No sign-in, no cloud, no sync. You can create an account later and link your existing factors.
Phone + account (no extension) — Cloud backup and web dashboard access, but no browser auto-fill. You'll still copy codes manually. Add the extension whenever you want auto-fill.
Phone + account + extension (full setup) — The complete experience. Push approve, auto-fill, cloud backup, web management. This is what FactorCat is designed for.
Common questions
Do I need to sign in on every device?
No. You sign in once — on the web dashboard (or in the app). The phone links via QR scan or by signing in with the same Google account. The extension picks up your web session. One sign-in covers everything.
What's the QR code for?
The pairing QR is a short-lived, single-use token that links your phone to your account. It's the same trust model as WhatsApp Web or Signal Desktop — your phone scans a code from a screen, and the devices are linked.
I already use another authenticator. Do I need to re-enroll?
Yes — most authenticator apps don't support exporting tokens. You'll need to go to each service's security settings, disable 2FA, then re-enable it and scan the new QR with FactorCat. It takes about 2 minutes per account. See our Authy migration guide for a step-by-step walkthrough.
Can I use FactorCat without the browser extension?
Yes. Without the extension, FactorCat works like a regular authenticator — you open the app, find the code, and enter it manually. The extension adds auto-fill and push approve. You can add it whenever you're ready.
What if I lose my phone?
If your factors are in Cloud Vault, sign in on the web dashboard and view your codes there. If they're in Locked Vault, you'll need your recovery phrase or QR code — save it when you create the vault. See recovery details and Emergency Kit guide.
Ready to get started?
Download the app, sign in, and add your first factor.