Two-Factor Authentication

Your codes.
Your device.
Your privacy.

Pangi is a privacy-first TOTP authenticator built entirely for the Apple ecosystem. Face ID locked. AES-256 encrypted. No trackers, ever.

For iPhone (iOS 17+) and Apple Watch (watchOS 11+)

Pangi mascot — a friendly pangolin waving hello with a verification checkmark badge
What Pangi offers

Everything you need. Nothing you don't.

Built native for Apple. Every feature exists to keep your codes accessible and your secrets safe.

Biometric Lock

Face ID, Touch ID, or Optic ID required to open the app. Your codes are protected the moment you look away.

Apple Keychain Storage

Secrets are stored in the Apple Keychain with hardware-backed protection — not in a plain database file.

Encrypted Backups

Export password-protected backup files using AES-256-GCM encryption. Your password, your data — we can't read it.

Encrypted iCloud Sync

Sync across your Apple devices with confidence. Account data is encrypted on your device before it ever reaches iCloud.

Apple Watch Companion

View your TOTP codes and countdown right from your wrist. Accounts sync securely from iPhone via WatchConnectivity.

Widgets & AutoFill

Glanceable home screen widgets for your top accounts. iOS AutoFill puts one-time codes right in the keyboard bar.

Privacy & Security

Security without compromise

Pangi is designed so that your secrets stay secret — even from us.

  • Secrets in Apple Keychain — not a plain SQLite database. Hardware-backed protection on every supported device.
  • AES-256-GCM encrypted backups with PBKDF2 key derivation (100,000 iterations, 32-byte random salt).
  • Encrypted before iCloud upload — your private CloudKit database contains only encrypted payloads. We cannot read them.
  • Privacy shield — the app obscures your codes in the iOS app switcher so they never appear in screenshots or recordings.
  • Clipboard auto-clears after 30 seconds and is set to local-only — copied codes don't sync to your other Apple devices.
  • Zero trackers — no advertising SDKs, no third-party analytics, no data sold. Everything stays on your device.
Pangi mascot inspecting with a magnifying glass, representing careful security review
Frequently Asked Questions

Got questions? We've got answers.

What is Pangi?

Pangi is a two-factor authenticator (TOTP) app for iPhone and Apple Watch. It generates time-based one-time passcodes for your online accounts and stores your authenticator secrets securely on-device in the Apple Keychain — not in the cloud, not in a plain database.

How does Pangi protect my authenticator secrets?

Your secrets are stored in the Apple Keychain with hardware-backed protection, guarded by Face ID, Touch ID, or Optic ID. Backup files use AES-256-GCM encryption with PBKDF2 key derivation (100,000 iterations). iCloud sync encrypts everything on your device before any data leaves it.

Does Pangi track me or collect any analytics?

No. Pangi contains no advertising SDKs and no third-party analytics. The app does not send your data to any external server other than your own private iCloud database when you choose to enable sync. Your authenticator secrets never leave your device unencrypted.

Can I sync my codes across multiple Apple devices?

Yes. Pangi offers optional encrypted iCloud sync. Account data is encrypted on your device before being uploaded to your private CloudKit database — iCloud stores only encrypted payloads that Pangi decrypts locally. You can disable sync at any time and the cloud copy is removed.

Does Pangi work on Apple Watch?

Yes. Pangi includes an Apple Watch companion app (watchOS 11+) that displays your TOTP codes and countdown timers right from your wrist. Accounts sync securely from your iPhone using Apple's WatchConnectivity framework.

Can I import accounts from Google Authenticator?

Yes. Pangi supports Google Authenticator's export QR code format. You can scan the migration QR code with the camera or import from a screenshot in your photo library. Pangi also supports standard otpauth:// QR codes and encrypted Pangi backup files.

What happens if I lose my phone?

If you have iCloud sync enabled, your encrypted accounts are recoverable on a new device signed into the same Apple ID. You can also create encrypted backup files to store separately as an additional safeguard.

If you lose both your device and your backup password, encrypted backups cannot be recovered — Pangi cannot access your data, by design.

Does Pangi have home screen widgets?

Yes. Pangi offers a small widget (one account) and a medium widget (up to three accounts). Widget codes are automatically hidden when the device is locked to protect your privacy, and refresh automatically at each TOTP period boundary.

How does the clipboard auto-clear work?

When you copy a TOTP code, Pangi automatically clears it from the clipboard after 30 seconds. The clipboard is also set to local-only mode so the code doesn't sync to your other Apple devices via Universal Clipboard. If you copy something else first, Pangi won't touch your new clipboard content.

Does Pangi support iOS AutoFill?

Yes. Pangi includes an iOS Password AutoFill extension. When signing into a website or app, Pangi can appear in the QuickType bar above the keyboard to provide your one-time code directly — no need to switch apps and copy manually.

Pangi mascot giving a satisfied approval with a checkmark speech bubble
Support

Need help?

Pangi is built and personally supported by Jacob Suchorabski. For questions, bug reports, or feature requests, reach out directly — no ticket queue, no bots.

jacob@suchorab.ski
Pangi mascot in a thoughtful pose holding a lock, ready to help

Ready to protect your codes?

Pangi is coming to the App Store soon. Secure, private, and built for Apple.

Pangi mascot flexing confidently with a lock badge, celebrating security