Privacy Policy

Last updated: March 29, 2026

Data Collection

2FA Authenticator – Fast & Secure does not collect, transmit, or share any personal information or browsing data. All data — including account secrets, settings, and preferences — is stored locally on your device using Chrome's built-in storage API and is never sent to external servers.

Encryption

All account secrets are encrypted using AES-256-GCM with PBKDF2 key derivation (100,000 iterations) before being stored. The encryption key is either derived from your master password or from a device-generated random key. All cryptographic operations use the browser's built-in Web Crypto API.

Permissions Used

storage

Save your encrypted account data and extension settings locally on your device.

clipboardWrite

Copy generated 2FA codes to your clipboard when you click on them.

tabs (optional)

Capture the visible tab content when scanning QR codes. Only activated when you choose to scan a QR code.

scripting (optional)

Inject the QR code scanner overlay onto the current page. Only activated when you initiate a QR scan.

activeTab (optional)

Access the current tab for QR code scanning. Only activated on your request.

Third-Party Services

This extension does not integrate with any third-party analytics, advertising, or data collection services. It has zero external dependencies — all functionality is built with native browser APIs.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be reflected on this page with an updated date.

Contact

If you have questions about this privacy policy, please contact us at contact@oneclicktool.com