You're working on your Mac, logging into a service, and then — "Enter your verification code." You stop. You reach for your phone. You unlock it. You open the authenticator app. You squint at tiny digits. You type them in before the timer runs out. If you're lucky, you make it. If not, you wait for the next code and do it again.
I got tired of this, so I built Mactokio (Mac + Token + I/O) — a free, open-source authenticator that lives right on your Mac.
What is Mactokio?
Mactokio is a lightweight authenticator app built natively for macOS. It generates the same verification codes as Google Authenticator or Microsoft Authenticator — but directly on your desktop. No phone needed.
Free. Open source. Offline. Your secrets never leave your Mac.
No cloud. No account. No subscription.
Why Not Just Use What's Already Out There?
Most authenticator solutions fall into two camps:
| Phone-only apps | Cloud-synced apps | Mactokio | |
|---|---|---|---|
| Examples | Google Authenticator, Microsoft Authenticator | Authy, 1Password | — |
| Works on Mac? | No | Yes | Yes |
| Secrets stored | On your phone | On their servers | On your Mac only |
| Requires account? | No | Yes | No |
| Cost | Free | Free / Paid | Free |
| Open source? | No | No | Yes |
Mactokio is the third option: your codes, on your Mac, encrypted on your disk, and nowhere else.
The Killer Feature: Safe Account Import via Webcam
Let's talk about the elephant in the room. How do you actually move your authenticator accounts from your phone to your Mac?
Here's what the typical workflow looks like:
- Open Google Authenticator on your phone
- Go to Transfer accounts → Export
- A QR code appears — this QR contains every single one of your secret keys in readable form
- You take a screenshot
- Now you need to get that screenshot to your Mac
- So you send it via... Email? Telegram? WhatsApp? AirDrop?
Think about what just happened. That screenshot — containing the master keys to all your accounts — is now:
- Sitting in your email sent folder (stored on Google/Microsoft servers)
- Saved in your Telegram/WhatsApp chat history (on their cloud servers)
- In your phone's photo gallery (possibly auto-synced to iCloud or Google Photos)
- Cached in whatever transfer app you used
- Potentially visible to anyone who gains access to any of those services
You just took the most sensitive data you own and scattered copies of it across the internet. The very act of transferring your secrets has created a bigger security risk than not having two-factor authentication at all.
Mactokio's Approach: Just Point Your Camera
Mactokio eliminates this entire problem. Instead of transferring a file, you simply hold your phone up to your Mac's webcam.
| Step | What you do |
|---|---|
| 1 | Open Google Authenticator → Transfer accounts → Export |
| 2 | Open Mactokio → click + → From Camera |
| 3 | Hold your phone's screen up to your Mac's webcam |
| 4 | Done. All your accounts are imported. |
No screenshot. No file transfer. No email. No messaging app. No cloud.
The QR code goes directly from your phone's screen, through the air, into your Mac's camera, gets encrypted, and is stored safely on your disk. The secret never exists as a file, never touches a network, and never leaves the space between your two devices.
Your secrets travel through physical space, not through the internet.
The Camera is Smart About It
The scanner doesn't just grab the first QR it sees. It carefully watches the QR code across multiple frames before accepting it — this prevents mistakes from partial scans or blurry images. You'll see clear visual feedback the whole time:
| What you see | What it means |
|---|---|
| Highlight border | Scanner found a QR code, verifying... |
| Green border | Valid authenticator code — imported! |
| Red border | QR found but not a valid authenticator code |
A momentary hand wobble won't reset the scan — there's a built-in grace period. Just hold your phone reasonably steady and the app does the rest.
All Your Accounts in One Scan
Google Authenticator's export puts all your accounts into a single QR code. Mactokio fully supports this — one scan imports every account at once. Each secret is individually encrypted. One scan, all your accounts, zero exposure.
The camera is the safest and recommended way, but Mactokio also supports: With every method, the same principle applies: the secret is encrypted the instant it's read, and is never stored unprotected on your disk. But if you can use the camera, use the camera. It's the only method where your secret never exists as a digital file outside your two devices.Other ways to import (From File / From Clipboard)
How Mactokio Protects Your Secrets
1. Your Mac Guards the Door — Touch ID & Device Password
Before you can see anything, Mactokio asks for Touch ID or your Mac's password — the same authentication you use to log into your Mac. This isn't some new password that Mactokio asks you to create. It's your Mac's own built-in security, managed by Apple.
- Touch ID (fingerprint) if your Mac supports it
- Your Mac password as a fallback
- Required every single time you open the app — no "stay logged in", no "remember me"
- If someone sits down at your unlocked Mac, they still can't see your codes without your fingerprint or password
You already trust this to protect your entire Mac. Mactokio simply puts the same lock on your verification codes.
2. Your Secrets Are Locked to Your Hardware
Your secrets are protected by a second layer: AES-256 encryption — the same standard used by governments and banks to protect classified data.
The encryption key comes from your Mac's unique hardware identity. It's not a password you choose or type. It's something only your specific Mac can produce.
- Your encrypted secrets are useless on any other computer — even if someone copies the files
- There's no master password to remember, forget, or have stolen
- Even if your Mac is stolen and someone extracts the hard drive, the secrets are unreadable without the original hardware
Two layers working together: your fingerprint (or password) controls who can open the app, and your Mac's hardware controls who can read the data.
3. Completely Offline
Mactokio makes zero internet connections. None.
| What some apps do | What Mactokio does |
|---|---|
| Phone home on launch | Nothing |
| Check for updates online | Nothing |
| Send usage analytics | Nothing |
| Sync to cloud | Nothing |
Your secrets exist in exactly one place: encrypted on your Mac.
4. Auto-Lock
If you reveal a code and walk away, it hides itself automatically after about 90 seconds. Your codes aren't left sitting on screen for anyone to see.
What You Get
| Feature | |
|---|---|
| Verification codes on your Mac | No more reaching for your phone |
| Works with any service | Google, GitHub, AWS, Discord — anything that uses authenticator codes |
| Search and filter | Quickly find the account you need |
| One-click copy | Click a code → it's on your clipboard → paste it |
| Visual countdown | See exactly how much time before the code changes |
| Clean, minimal interface | Small window that stays out of your way |
| Free and open source | No subscriptions, no ads, no hidden costs |
Getting Started
Step 1: Install
- Download
Mactokio.zipfrom the latest release on GitHub - Unzip and move Mactokio.app to your Applications folder
- Right-click the app → click Open (required the first time only, because the app isn't from the App Store)
- Authenticate with Touch ID or your Mac password
That's it. No account creation, no setup wizard, no configuration.
Step 2: Import Your Accounts
The recommended way — From Camera:
- On your phone, open your authenticator app and go to the export or transfer option
- In Mactokio, click the + button → From Camera
- Hold your phone's QR code up to your Mac's webcam
- Mactokio detects the code and imports your accounts automatically
Your accounts appear in the list, encrypted and ready to use.
Tip: You can also add accounts one at a time — whenever a website shows you a QR code to set up two-factor authentication, just scan it with Mactokio's camera instead of (or in addition to) your phone.
Step 3: Use Your Codes
- Click an account to reveal its current code
- Click the code to copy it to your clipboard
- Paste it wherever you need it
Codes auto-hide after about 90 seconds for security.
It's Free and Open Source
Mactokio is completely free under the MIT license. The entire source code is publicly available on GitHub — anyone can inspect exactly how the app handles your secrets, build it from source, or contribute improvements.
If Mactokio saves you from reaching for your phone, a star on GitHub helps others discover the project.
Mactokio requires macOS 13 or later. No accounts. No cloud. No tracking. Just your codes, on your Mac.
Top comments (0)