Extension Details
Context-Aware Verdict
The extension has very limited trust indicators with only 4,000 users and a below-average rating of 3.6 stars from just 19 reviews. The developer website appears to be a personal domain rather than an established company, which raises questions about accountability and long-term support. The low user adoption and poor rating suggest potential issues with functionality or user experience.
The permission set is extremely excessive for a 2FA authenticator application. The combination of identity, tabs, videoCapture, and broad host permissions (<all_urls>) creates a dangerous attack surface. A legitimate 2FA tool should not need access to all websites, video capture capabilities, or identity information. The ability to inject content scripts into any website means this extension could potentially steal login credentials, session tokens, or other sensitive data from any site you visit. The videoCapture permission is particularly concerning as it could enable unauthorized recording.
Do not install this extension. The permission requirements are completely unjustified for a 2FA authenticator and present significant security risks. Instead, use established 2FA applications like Google Authenticator, Authy, or Microsoft Authenticator. If you must use a browser-based 2FA solution, choose one from a reputable developer with appropriate, limited permissions. The current permission set suggests this extension could function as spyware or credential harvesting malware rather than a legitimate security tool.
Findings
Security Analysis Details
Required Permissions:
- tabs
- sidePanel
- storage
- identity
- videoCapture
- unlimitedStorage
Host Permissions:
- <all_urls>
- http://*/*
- https://*/*
Embedded URLs (44 total):
| http://www.w3.org/2000/svg | https://vuejs.org/error-reference/#runtime- | |
| https://lodash.com/ | https://openjsf.org/ | |
| https://lodash.com/license | http://underscorejs.org/LICENSE | |
| https://npms.io/search?q=ponyfill. | https://github.com/hectorm/otpauth | |
| https://github.com/paulmillr/noble-hashes | https://www.googleapis.com/drive/v3/files/ | |
| https://www.googleapis.com/drive/v3/files | https://www.googleapis.com/upload/drive/v3/files/ | |
| https://www.googleapis.com/drive/v3/files?q= | http://www.w3.org/1998/Math/MathML | |
| http://www.w3.org/1999/xlink | https://github.com/zloirock/core-js/blob/v3.42.0/LICENSE | |
| https://github.com/zloirock/core-js | https://tailwindcss.com | |
| https://github.com/hprobotic/Google-Sans-Font/raw/refs/heads/master/GoogleSans-Regular.ttf | https://github.com/hprobotic/Google-Sans-Font/raw/refs/heads/master/GoogleSans-Medium.ttf | |
| https://github.com/hprobotic/Google-Sans-Font/raw/refs/heads/master/GoogleSans-Bold.ttf | https://apicustom.mivongifts.com/api | |
| https://www.googleapis.com/oauth2/v3/tokeninfo?access_token= | https://www.googleapis.com/auth/drive.file | |
| https://2faauthenticatorguard.leducgiachoang.com/privacy.html | https://www.svgrepo.com/show/475656/google-color.svg | |
| https://www.googleapis.com/oauth2/v3/userinfo | https://ko-fi.com/Q5Q61GJJP1 | |
| https://storage.ko-fi.com/cdn/kofi6.png?v=6 | https://accounts.google.com/o/oauth2/revoke?token= | |
| https://chromewebstore.google.com/detail/2fa-authenticator-guard/pdiccmolmknojplidnlkaenkejbminpp | https://www.cloudflare.com/cdn-cgi/trace | |
| https://img.icons8.com/external-tal-revivo-light-tal-revivo/100/12B886/external-input-login-passcode-with-private-asterisk-symbol-login-light-tal-revivo.png | https://img.icons8.com/external-kmg-design-glyph-kmg-design/100/12B886/external-qr-code-protection-and-security-kmg-design-glyph-kmg-design.png | |
| https://img.icons8.com/external-nawicon-mixed-nawicon/100/12B886/external-Password-internet-security-nawicon-mixed-nawicon.png | https://img.icons8.com/external-xnimrodx-lineal-xnimrodx/100/12B886/external-cloud-big-data-xnimrodx-lineal-xnimrodx-4.png | |
| https://clients2.google.com/service/update2/crx | https://www.googleapis.com/auth/userinfo.email | |
| https://www.googleapis.com/auth/userinfo.profile | https://fonts.googleapis.com/icon?family=Material+Icons | |
| https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined | https://fonts.googleapis.com | |
| https://fonts.gstatic.com | https://fonts.googleapis.com/css2?family=Poppins:ital |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "16": "/img/logo.png", "32": "/img/logo.png", "48": "/img/logo.png", "128": "/img/logo.png" }, "oauth2": { "scopes": [ "openid", "https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/drive.file" ], "client_id": "1046790490568-jk1tgrrck1ovlgh8e2ts3qci41c373cv.apps.googleusercontent.com" }, "version": "2.6.8", "background": { "service_worker": "/background.js" }, "side_panel": { "default_path": "sidepanel.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDescription__", "permissions": [ "tabs", "sidePanel", "storage", "identity", "videoCapture", "unlimitedStorage" ], "default_locale": "en", "content_scripts": [ { "js": [ "/content.js" ], "matches": [ "<all_urls>" ] } ], "host_permissions": [ "<all_urls>", "http://*/*", "https://*/*" ], "manifest_version": 3 }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.