Sign in Start free

Product

A complete 2FA platform — not a feature bolted onto a password manager.

Six pillars. One platform. Built for teams that take secrets seriously.

Start free trial See pricing →

Shared TOTP vault

Encrypted seeds (AES-256-GCM), server-side code generation
Per-token group access with code-only vs full-seed permissions
1,200+ branded icons auto-resolved; custom icons supported

Provision local numbers in the US, Canada, UK, EU, and 30+ countries
Inbound messages stream over SSE with sub-second delivery
Per-number permissions and a full audit trail

Roles & permissions

Four built-in roles: owner, admin, member, viewer
Groups for project- or client-scoped access
Time-bound grants for contractors and incident response

Token views, code generation, SMS reads, permission changes
365-day retention; CSV / JSON / NDJSON export
Hash-chained for tamper-evidence

Scoped API keys (tokens:code, sms:read, …)
IP allow-listing, expiry, single-use bindings
Webhooks for inbound SMS and audit events

Native iOS and Android (in active development)
Offline TOTP generation with biometric unlock
Push notifications for inbound SMS

How it fits together

One backend. Many surfaces.

Web, mobile, CLI, and your CI all talk to the same encrypted vault, the same audit log, and the same permission model.

Clients

Web app
iOS · Android
CLI · API

Kaito core

Auth & MFA
Vault (AES-256-GCM)
SMS routing
Audit log
Permissions

Providers

AWS S3 · SES
Bandwidth (US/CA)
Telnyx (intl.)
Inkress (billing)

How we compare

Built for shared 2FA, not retrofitted.

	Kaito	1Password Teams	Authy
Built specifically for shared 2FA	Yes	No	No
Per-token permissions	Yes	Partial	No
Real SMS inbox	Yes	No	No
REST API for codes	Yes	No	No
Audit log on every code view	Yes	Limited	No
Mobile apps with offline TOTP	Coming	Yes	Yes

Full comparisons →

Ready to look under the hood?

Pick any pillar to go deeper, or start a trial and try the whole platform.

Start free trial Book a demo