Privacy Policy
Permissions and Privacy
Permissions and privacy is key to why NinjAuth was born. Personally, I don't really trust 3rd party providers that want me to store my secrets (this is the term used for the secret data that is read from the QR codes on the 2-factor authentication forms) on their servers and asking me to give them permissions for a lot of things that are not necessary for such an app.
In NinjAuth, you have 100% control over your data. You can backup to wherever you want (I'd recommend using your Google Drive) using password-protected ZIP files. The ZIP file may contain:
- image files containing QR codes for the accounts so that you can import them to another authenticator apps, if you wish so
- a data JSON (JavaScript Object Notation - a structured data holder) file that is used by NinjAuth when you restore your accounts on a device
Camera
The app ("NinjAuth") requests access to your camera in order to allow you to easily read QR codes from the 2-factor authentication forms used on websites. The app does not take pictures or share pictures with anyone.
Internet (optional)
The app normally does not have access to the Internet. However, if you decide to enable the Time Corrector module, the app will have access to the Internet in order to synchronize time with remote servers. This provides the app the ability to use the true time even if your device could not adjust the time from your network provider which would result in wrong code generation.
Even if you enable the optional Time Corrector module, the app won't send any of your either private or anonymous data because it only requests time from a public NTP (Network Time Protocol) server. The request contains only the local time and nothing else (it is needed in order to get the actual time from the results).