mamadra.dev
← All projects
Live App 2026

WearAuth

Two-factor codes on your phone and your watch.

Scan an otpauth:// QR code once, and your six-digit TOTP codes are always at hand — on the phone, on the watch face, and as a Wear OS Tile of up to five accounts.

Fully offline and encrypted on the device, with a wrist-detection lock that hides your codes the moment you take the watch off. There's no server to leak.

What it does

Wear OS, first-class

The phone is the source of truth. The watch syncs over Wearable Data Layer and keeps generating codes when the phone is unreachable.

Wrist-detection lock

Codes on the watch hide the moment it leaves your wrist. An active phone unlock (biometric or PIN) silently re-grants access.

Biometric on launch

Optional fingerprint / face lock for the phone app. Off by default — turn it on in Settings.

Encrypted at rest

All secrets stored in AndroidX EncryptedSharedPreferences (AES-256-GCM via the platform Keystore). Never plaintext on disk.

Recovery backup

Optional encrypted backup to the paired watch AND to your own Google Drive App Data folder. One password, two independent recovery channels.

Export / import

Encrypted JSON export (AES-GCM + PBKDF2) for an offline copy on your terms. Import on any device with the password.

Requirements

Phone
Android 8.0 (API 26) or newer
Watch
Wear OS 3.0 (API 30) or newer
Wrist-detection lock
Watch with an off-body sensor (e.g. Galaxy Watch6 and most modern Wear OS watches)
Backup to Drive
A Google account, App Data scope only

Built with

Kotlin Jetpack Compose Wear OS Wearable Data Layer AES-256-GCM RFC 6238

WearAuth is proprietary. Android, Wear OS and Google Drive are trademarks of their respective owners.