Keep your sign-in codes in one calm place.
Use Hottub Auth for the same two-factor codes you already use on email, developer tools, banking, work apps, and personal accounts.
Use Hottub Auth as a private authenticator for everyday accounts. Connect Hottub when you want sign-in approvals, match codes, and future trusted actions reviewed from your phone.
Works signed out. Encrypted on device. Built for iOS, Android, and Apple Watch approvals.
One-time codes for any service that supports authenticator apps
Add accounts by QR code or setup key
Keep your vault encrypted on this device
Back up and restore with an encrypted file you control
Codes, recovery, and approvals each get a clear surface. No noisy feed, no maze of settings, and no need to create a Hottub account just to use the authenticator.



Hottub Auth is designed to make high-trust moments legible: what is asking, where it came from, what code should match, and when the request expires.
Use Hottub Auth for the same two-factor codes you already use on email, developer tools, banking, work apps, and personal accounts.
Your authenticator vault is local-first and encrypted. You can use the core app without creating a Hottub account.
Encrypted backup and restore give you a deliberate way to protect against device loss while keeping the passphrase in your hands.
Hottub approvals are built around context, expiry, and match codes so a prompt feels understandable instead of vague.
As Hottub adds private RSVPs, trusted hosts, contact exchange, and Deck approvals, Auth can be the place where you review and approve what matters.
Codes, QR import, manual setup, local vault storage, and file backup work without a Hottub account.
Setup keys stay local or inside encrypted backup envelopes. Hottub does not need plaintext secrets to help you protect them.
Approval requests should show the action, device, domain, match code, and expiry before you decide.
Deck handles machines and agents. Auth protects your accounts, recovery, and the approval moments around them.
Save one-time codes, search your accounts, and see countdowns clearly when a site asks for verification.
Export an encrypted backup when you want one, restore it when you need it, and keep the passphrase outside Hottub.
Approve Hottub sign-ins from your phone with a match code so you know the request belongs to the browser in front of you.
Future Hottub RSVPs, host approvals, contact exchanges, and Deck actions can use Auth as the consent step.
The core authenticator remains useful on its own. Hottub-specific approvals are optional and tied to the account you connect.
No. The core authenticator is for any website that supports authenticator apps. Hottub account connection is optional and adds Hottub sign-in approvals.
No. The vault is local-first and encrypted on device. Backup and recovery are designed around zero-knowledge envelopes so Hottub does not need plaintext setup keys.
Approvals are clear requests you review on your trusted device, such as a new sign-in. They show context, an expiry, and a match code so you can approve or deny with confidence.
Use encrypted backup and restore when you change devices. Keep your backup passphrase safe because Hottub cannot recover a zero-knowledge backup without it.
The current app focuses on one-time codes, encrypted vault storage, backup, and Hottub approvals. Passkeys and AutoFill are planned as OS capability and device testing work is completed.
Use it for codes today. Connect Hottub when you want clear approvals for sign-ins and future trusted actions.