Orthy.io
Orthy.io is a SaaS application for sharing two-factor authentication (2FA) codes between multiple users. Ever had an account that multiple people need access to for work purposes, but the person whose phone has the 2FA on it is on holiday? Orthy.io solves that exact issue!
The Problem
Every team has experienced it: a shared account protected by 2FA, and the only person with the authenticator app is on holiday, unreachable, or has left the company. The result? Locked out of critical systems, scrambling for workarounds, or worse — disabling 2FA entirely and compromising security.
This wasn't a hypothetical problem. It was a real pain point I encountered in a professional setting, and it became clear that the existing solutions — sharing screenshots of QR codes, passing around backup codes, or just hoping the right person was always available — weren't good enough.
The Solution
Orthy.io is a secure 2FA sharing platform that lets teams share TOTP codes without compromising security. Add your 2FA secrets once, invite your team, and everyone with access can generate valid codes — from the web dashboard or the mobile app.
Security was non-negotiable. The platform is built on three core principles:
AES-256 Encryption — All TOTP secrets are encrypted at rest using industry-standard AES-256 with a rotating key architecture.
Zero-Trust Architecture — Access is strictly limited to authorised team members. Internal staff cannot access decrypted secrets.
Blind Indexing — Database queries use blind indexing, meaning even a compromised database wouldn't expose usable data.
Technical Challenges
Offline-First Mobile App
The biggest technical challenge was ensuring the React Native mobile app could generate valid TOTP codes while completely offline. This is critical — you can't have an authenticator app that fails when you're in a basement server room with no signal.
The solution required careful architecture: encrypted secrets are synced to the device and stored securely, with the TOTP generation happening entirely client-side. The app doesn't need to phone home to generate a code — it just works.
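The client-side generation described above, as an added example that is not Orthy.io's code: an RFC 6238 TOTP computed from nothing but the stored secret and the device clock. It assumes SHA-1, 30-second steps and Node's crypto module standing in for the app's HMAC primitive; `SAMPLE_SECRET` and `driftWindow` are constructed for illustration.

```typescript
// Added example, not Orthy.io's code: RFC 6238 TOTP from local state only.
// Assumption: Node's crypto stands in for whatever HMAC primitive the app uses.
import { createHmac } from "node:crypto";

const BASE32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
// Constructed sample: the RFC 6238 test key "12345678901234567890" in base32.
const SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ";

// Decode the base32 secret carried in an otpauth:// enrolment QR code.
function base32Decode(input: string): Buffer {
  const clean = input.toUpperCase().replace(/[\s=-]/g, "");
  const out: number[] = [];
  let bits = 0;
  let value = 0;
  for (let i = 0; i < clean.length; i++) {
    const idx = BASE32_ALPHABET.indexOf(clean.charAt(i));
    if (idx === -1) throw new Error("invalid base32 character in secret");
    value = (value << 5) | idx;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      out.push((value >>> bits) & 0xff);
      value &= (1 << bits) - 1; // keep only the leftover low bits
    }
  }
  return Buffer.from(out);
}

// Code for a given Unix time; no network call is involved at any point.
function totp(secretB32: string, unixSeconds: number, digits = 6, period = 30): string {
  const counter = Math.floor(unixSeconds / period);
  const msg = Buffer.alloc(8); // 64-bit big-endian time-step counter
  msg.writeUInt32BE(Math.floor(counter / 0x100000000), 0);
  msg.writeUInt32BE(counter % 0x100000000, 4);
  const mac = createHmac("sha1", base32Decode(secretB32)).update(msg).digest();
  const off = mac[mac.length - 1] & 0x0f; // dynamic truncation, RFC 4226
  const bin = ((mac[off] & 0x7f) << 24) | (mac[off + 1] << 16) | (mac[off + 2] << 8) | mac[off + 3];
  let code = String(bin % Math.pow(10, digits));
  while (code.length < digits) code = "0" + code; // preserve leading zeros
  return code;
}

// Codes for the previous, current and next step. An offline device cannot
// correct its clock, so drift beyond the verifier's tolerance (assumed here
// to be one step either way) yields a code that is computed correctly but rejected.
function driftWindow(secretB32: string, unixSeconds: number, digits = 6, period = 30): string[] {
  return [-1, 0, 1].map((step) => totp(secretB32, unixSeconds + step * period, digits, period));
}
```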
Cross-Platform Development
Building the mobile app with React Native and Expo was a significant learning experience. Coming from a Laravel/PHP background, TypeScript and the React Native ecosystem presented a steep curve — but the result is a native-feeling app on both iOS and Android from a single codebase.
The Stack
I built the entire platform solo — backend, frontend, infrastructure, and mobile apps:
Backend — Laravel API with Statamic for the marketing site
Frontend — Alpine.js and Tailwind CSS for the web dashboard
Mobile — React Native with Expo and TypeScript for iOS and Android
Infrastructure — Full deployment pipeline and hosting infrastructure
Timeline
MVP to launch: 3 months. From initial concept through to a production-ready platform with web dashboard, API, and mobile apps for both platforms.