Gembok Authenticator is a software-based (virtual) authenticator that generates two-step authentication tokens and stores passwords directly in the browser. It is written in HTML and JavaScript, and works on modern browsers such as Google Chrome, Firefox, Safari, and others. All data is stored in a simple JSON file that can be saved locally or synced with Google Drive.
- Generate TOTP tokens (compatible with Google Authenticator)
- Store passwords securely alongside tokens
- Google Drive integration for cloud sync
- AES-GCM encryption with 600k PBKDF2 iterations
- JSON editor for advanced users
- User-friendly forms for adding/editing items
- Light and dark theme support
- Single HTML file - fully portable
Gembok Authenticator uses the same algorithm as most software-based authenticators, including Google Authenticator. Based on limited personal testing with services such as Twitter and AWS, no compatibility issues were found.
Gembok Authenticator uses the following libraries:
- otpauth by Héctor Molinero Fernández
- Google Drive API for cloud storage
- Native Web Crypto API for AES-GCM encryption
v2.0 (2026/01/16)
- Added Google Drive integration (open/save files)
- Added password manager functionality
- Added JSON editor with real-time sync
- Added user-friendly forms for adding/editing items
- Added light/dark theme toggle
- Migrated to AES-GCM encryption (600k PBKDF2 iterations)
- Replaced native dialogs with custom UI dialogs
- Added settings page with persistent preferences
- Encryption on save enabled by default
v1.2 (2022/01/02)
- Added support for reading JSON files encrypted with AES-256-CBC
v1.1 (2021/09/19)
- Added support for copying tokens to the clipboard
v1.0 (2021/08/03)
- Initial release
Written by Rio Astamal.
This application is open source and licensed under MIT license.
Edit your JSON credentials below. Changes are automatically reflected on the Tokens page.
Configure your preferences below.
Add a new authentication token by filling the form below.
Update the authentication token details below.
Gembok Authenticator stores all token and password data in a JSON file. You can create items using the New Token form, edit them in the Editor, and save the file to your computer or Google Drive.
1. Click New Token to add your first item
2. Enter provider name (required) and secret key (optional for password-only)
3. Optionally add a password to store alongside the token
4. Click Add Token to save
5. Use Save to Disk or Save to Google Drive to store your data
Option 1: New Token Form
Use New Token to add items through a user-friendly form. Enter the provider name (required), secret key (optional), and password (optional). You can create token-only, password-only, or combined entries.
Option 2: Using Editor
Advanced users can create or modify items directly using the Editor. Changes are automatically reflected on the Tokens page. Below is an example JSON structure:
[
{
"provider": "Google",
"description": "Main account",
"secret": "I5XW6Z3MMUQG2YLJNYQGCY3D",
"password": "mySecurePassword123",
"period": 30,
"digits": 6,
"algorithm": "SHA1",
"indicatorColor": "red"
},
{
"provider": "AWS",
"description": "Root account",
"secret": "IFLVG4TPN52GCY3D",
"indicatorColor": "orange"
},
{
"provider": "MyBank",
"description": "Password only",
"password": "bankPassword456",
"indicatorColor": "blue"
}
]Required: provider
Optional: secret, password, description, period (default: 30), digits (default: 6), algorithm (default: SHA1), indicatorColor (default: red)
- Open from Google Drive: Load your credentials file from Google Drive
- Save to Google Drive: Update existing file or create new one
- Save As to Google Drive: Save a copy with a new name
Connection status shown in footer when authenticated
Files are encrypted using AES-GCM with 600,000 PBKDF2 iterations. Encryption is enabled by default (see Settings to change). When opening an encrypted file, you'll be prompted for the passphrase. Below is an example encrypted with passphrase "gembok":
a3FEMDiJs7rr9/aFzFwBAE39ursOsbZVRj0Zt6G85r6Oh5s8X1/gZ8057KLGXTihpg7i9i733PXptVpFys3vNaC805Fdl7Olce6l1NCbjzvLOLa1+7Lf6QpExxX2ksB3A3LyF1uOb6NtLcDhu95wC/VkmqSqun0tSI4Vn1M4UIilyfsFK6N6rmGuRXMzcRyp8wKG5oMo2Pr7SM68F+n4IbMbNFtybkUEfU7RU2WpdjXtg2sn1JIksEE1v118tA+lRC/1ZOyySU4XKUI8zFRmCg2gh5qjSwjPKOYp+0AmWaItqPectcksfWlvSIQrUnf/r2/BbmSzVsROWgsW0YKAqGOTnlmTQ0Tjqmc3PREUAeqGX3L/VJg+zsHiHo7J997eaqIAjtyqg7qEpHV6wtLOlZqG+G9iV/z2EhUihVWkejOwckXxvyTuLcEec73PufCMWE90KC4TPNq1pvCxQSD27XE8nu/aFSfn/ojG/urzoJHIAgE689OWU3OMPkiBsqRIrFknzbTyJxndEn+d/U2yohUcEzBtqRkCCBZhX3etxA9Ru9cMBdnXFmZ3Otkjb8eFqwc8ORIRB5qA7AOP2VrIeIcwvkjzynrDkPjjpzlZsjDy7mKpq4cGdTOmCBhswEtfHblqrBeaQk/xTGhuyy9gqJLkxOD32fkP+bMJMVjg4ePE9EmyQ3+Na2qvhIf2emnBmaA4KeY+o+mPJyPevNDQkU9YnKRfhwhqVM82fFexM356w2wlYGtSiidfCQ7CMBd8gnMs1OfKbm+PeZL4kb7IY7Sy/9x9Elhoh78DWix79vHnUIJqzkisJt4/bDi0PgA9UJ09eJLQ0kJRzyexHE7JXwBOIxjICmvP87KWP/uRaDJw6pFY0KeOI3FIhsZbdA08DYctJ1KUjGyla3Yx6xaJB3np/0J+bG+u6scm2yCzZlbw7Olx9Lag1ikZArTewxJzLeK2t6PbvO0fC+xh+Bh8snct9ZH+X0LWRFIpk08a8okKfOXSigDoPh31SJveHFka4DIvLjphEo6q2Q+9NMe36vfivwkG5ucjqfeIxUiXnsE6I5Cd+BY4dZjRaGh4TVNK6mtDuquDUHXxk0Kks5mY7ETFMSL/wNKKRCvkO+ZzfQDSECV0RcffpZCGDU6Fcy/a4suu/GJStnO944AlHqT14Mk3pDZni+0LsAFK5FZVjKckGgyMI0Bv8LY3IY7MHh91I7dK
- Encrypt JSON on Save: Enable/disable automatic encryption (default: enabled)
- Light Theme: Toggle between dark and light themes
Settings are saved automatically and persist across sessions
Create a new token or open a file from Disk or Google Drive to get started.