Which is an ideal 2FA Authenticator in terms of Encryption primarily? Ente or Aegis?

I have been thinking to stick with one of the two, Ente and Aegis. But I have a few questions which when answered would make my decision easier.

With Aegis, it’s totally local.

1. Or does it have any option to directly backup to any external cloud storage? (Not the android backup)
2. Does it encrypt the vault files on the device locally when at rest? Or only when I create a backup?

With Ente - I know it is end to end encrypted

1. Does Ente Encrypt the vault file locally when on device at rest when i use it in offline mode i.e., without an account? Or only encrypts when I use it with an account?
2. If it encrypts locally when at rest without using an account, what encryption does it use to encrypt locally at rest? Is it the same encryption method that is used for online backup or the Android secure storage?

These questions can clarify me enough to make a decision. Kindly provide me the answers.

Both are great options and are fantastic at what they do.

If you’re actually and genuinely caring about the literal encryption method/methodology, you should simply use KeePassXC which is fully offline as your threat model appears to be that high.

Edit: the website and all the info they provide should easily answer these questions. I don’t have it memorized. I recommend and prefer Ente as it is fully cross platform with beter feature set and functionality.

Ente seems good, but the only question i have is if it encrypts the files at rest locally?
The website doesn’t provide any info about this

Yes. It is E2EE.

Edit: It does answer that question.

Isn’t it about ente photos?

Also does ente know my mail id if i create an account? Or it is also encrypted? I might sound silly but i don’t know how it works with ente.

Any service will know that one has created an account with an email ID. But not every service knows that it was you (identifiablly) that used a particular email ID they can connect to you.

They have the same FAQ for both products. It’s the same digital infrastructure they are using.

You should not have anything to worry about. I don’t know what more of a concen anyone can have with Ente seeing how public, transparent, and trustless they are.

Like I said, if you have such specific concerns that somehow is legitimate, then please use KeePassXC.

Okay, thanks for the answers tho

I answered your question. Not sure what you were actually looking for.

Your phone storage is encrypted I hope, right?

Aegis can make a backup file/export for you. As Ente as well. I use both and shove those files into a Keepass database with Keepass2Android. I then syncthing the Keepass file to other places for safety.