Phone-Free 2FA by ReDD Firefox

Phone-Free 2FA by ReDD

Open-source, local-only authenticator for time-based one-time passwords (TOTP).
Phone-Free 2FA by ReDDPhone-Free 2FA by ReDDPhone-Free 2FA by ReDD
Download Install

Features & Capabilities

Use your computer browser for 2FA so you don't need to reach for your phone every time you log in to e.g. your Microsoft account.

Phone-Free 2FA runs in your browser's sidebar, so your codes stay visible next to the page you're logging into — no hunting through pinned tabs or toolbar popups.

Phone-Free 2FA by ReDD is developed by computer scientists at the University of Oxford (Dr Ulrik Lyngs) and the University of Maastricht (Dr Konrad Kollnig, Henry Tari), as part of the Reduce Digital Distraction Project (reddfocus.org).

⚙️ How it works Two-factor authentication (2FA) makes digital life much more secure — a hacker can't get in with your password alone. Phone-Free 2FA is an authenticator that uses the most common method: time-based one-time passwords (TOTP). You add a 2FA secret key from any service that supports TOTP (e.g. a university Microsoft account). Phone-Free 2FA encrypts it locally and generates a fresh 6-digit login code every 30 seconds.

All data is stored locally in encrypted form in the browser using the extension storage API. Nothing is sent over the network. The code is fully open-source — you can find it at https://github.com/ulyngs/redd-phone-free-2fa

Secret keys are encrypted with AES-256-GCM, using a master passphrase that is key-derived via PBKDF2 with 600,000 iterations. The extension auto-locks after configurable inactivity (or immediately when you close the sidebar) and clears copied codes from the clipboard after 30 seconds. Failed unlock attempts trigger progressive lockout to deter guessing.

🖐️ Biometric unlock Biometric unlock is not currently available on Firefox — the browser does not allow the WebAuthn Credentials API from extension pages. Use your master passphrase to unlock. Biometric unlock (Touch ID on macOS; passkey providers such as Google Password Manager on Windows) is available on Chrome and Edge.

📦 Backup and migration Users can export password-protected backups or view their secret keys to transfer accounts to a different authenticator.

🔐 Strong-by-default passphrase Master passphrases must be at least 12 characters, and new passphrases are checked locally against common-password lists, keyboard patterns (qwerty, 12345…), and repeating patterns so that weak choices are caught at setup time rather than later.

User Growth & Download Statistics

Manifest V3 Add-on
By:
The Reduce Digital Distraction Project
Daily users:
6
Version:
2.2 Last updated: 2026-06-10
Version code:
6301024
Creation date:
2026-02-14
Risk:
Moderate risk impact High risk likelihood
Permissions:
Size:
611.60KB
Email:
te*****@reddfocus.org
URLs:
Website ,Privacy policy
Full description:
See detailed description
Source:
Firefox Add-ons Store
Data ingested on:
2026-06-20
Compare stats and ranking:

Ranking

# 40,186 ▼ 159
Other rankings
#26 in phone keyword 39 #155 in honey keyword 33 2#194 in password-protected keyword 48 #223 in free vpn keyword 93 2#250 in free keyword 94

For Developers

Monetize with App Pass Boost with Extension Booster

Contact the developer

Chrome-Stats does not own this Firefox add-on. Please use these information below to contact the Firefox add-on developer.
Developed by:
The Reduce Digital Distraction Project
Firefox Add-ons Store
https://addons.mozilla.org/firefox/addon/redd-phone-free-2fa/
Email:
te*****@reddfocus.org
Website:
https://reddfocus.org

Is Phone-Free 2FA by ReDD Safe?

Risk impact
Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypassing your security settings, and accessing your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Phone-Free 2FA by ReDD requires a few sensitive permissions. Exercise caution before installing.

Risk impact analysis details
  • Critical Grants access to browser tabs, which can be used to track user browsing habits and history, presenting a privacy concern.
Risk likelihood
Risk likelihood measures the probability that a Firefox add-on may turn malicious. This is determined by the publisher and the Firefox add-on reputation on Firefox Add-ons Store, the amount of time the Firefox add-on has been around, and other signals about the Firefox add-on. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Firefox add-on.

Phone-Free 2FA by ReDD may not be trust-worthy. Avoid installing if possible unless you really trust this publisher.

Risk likelihood analysis details
  • High This extension was recently updated in the past month. New updates may not be stable or safe.
  • High **** ********* *** *** **** ****** ********* ********** *** *** ** ****** ** *****
  • Medium **** ********* *** ***** ** *** **** * ******* *** ********** *** *** ** ****** ** *****
Extension Guard
Extension Guard

Discover every extension in use, analyze risks, and enforce blocking policies with Extension Guard

Secure Your Browser
Upgrade to see full risk analysis details

Best Phone-Free 2FA by ReDD Alternatives

Here are some Firefox add-ons that are similar to Phone-Free 2FA by ReDD:

ReDD 2FA: Simple Authenticator
The Reduce Digital Distraction Project
6 0.00 (0)
2FA Authenticator
Authenticator
36 0.00 (0)
2! Authenticator
FlyteSoft
24 0.00 (0)
NoPhone TOTP
Kybiu
5 0.00 (0)
TOTP Viewer
Haruka Yamamoto
2 0.00 (0)
TOTP Authenticator
Aldaror
6 0.00 (0)
Local 2FA: Secure OTP Manager
nahuel
7 0.00 (0)
Two-Factor Authenticator
12betgg
12 0.00 (0)
TabAuth.in - Securely Lock Tabs using TOTP
Sanju S
- 5.00 (1)
SafePass Authenticator
roper
1 0.00 (0)
2FA
Authenticator
90 0.00 (0)