• What we do

    Full Cycle DevelopmentIT Staff AugmentationAI DevelopmentEnterprise Application DevelopmentTechnology Consulting
    Service Preview
    Service preview

    Full Cycle Development

    End-to-end software development from concept to deployment, using cutting-edge technologies and best practices.

    Learn more
  • Blog
    Stop Leaking Data and Budget: Local LLM Setup in 20 MinutesAutomate your workflow with Atlassian and Claude CLIClaude Code: Installation & Basic Usage GuideContainerizing Node.js Microservices with Docker & KubernetesTop 15 KPIs That Keep Software Project on Track
    Company News
    Your Device, Your Rules: Introducing Citadel Auth 2FABridging Technical Excellence: Theoretical Mathematics and Software EngineeringICAOTA 2026: The First International Conference on Advances in Operator Theory and ApplicationsOne Keypress and... Blink!Introducing ConfigMergeSDK - Modular Configurations for Scalable Apps
    Case Studies
    The New Blueprint: AI-Driven Mortgage EngagementOne Hub. Unified Fintech Control.From Static to Addictive: Content Exchange PlatformMeetings, Transformed: Gesture-Led WorkspaceOperations, Synced: End-to-End Live Process Monitoring
    Featured resource
    Featured article

    The New Blueprint: AI-Driven Mortgage Engagement

    Rebuilt outdated systems and UX to boost performance, accelerate feature delivery, and simplify integrations for a leading real estate tech platform.

    Read more
    See all case studies
  • About Us
  • FAQ
Get Started

We deliver advantage beyond features.
What will you ship?

Get Started
  • Full Cycle Development
  • IT Staff Augmentation
  • AI Development
  • Enterprise Application Development
  • Technology Consulting
  • Case Studies
  • Blog
  • Company news
  • About
  • FAQ
  • Contact Us

Follow Us

Site MapTerms of UsePrivacy Policy
© Energmа 2026. All rights reserved.
Železnička 94, 11300 Smederevo, Serbia

Cookie Preferences

We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. Choose your preferences below.

Essential Cookies

These cookies are necessary for the website to function properly. It is accepted by default.

Always On

Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.

Marketing Cookies

These cookies are used to track visitors across websites to display relevant advertisements.

Your Device, Your Rules: Introducing Citadel Auth 2FA

Written by
Nikola RadivojevicCEO & Co-Founder

Official company updates covering milestones, innovations, and strategic initiatives that drive Energma forward. These announcements keep our community informed about our journey and the impact we're making.

Published: July 19th 2026

At Energma, we build systems we trust. Citadel Auth is the product that started because we couldn't find a 2FA app that met our own standard, and we ended up with an open-source, offline-first authenticator we're proud to ship.

citadel-auth-tokens-screen

The mainstream 2FA market has a structural contradiction: apps designed to protect your accounts quietly introduce their own weaknesses. Through cloud sync, your secrets live on infrastructure you don't control. Account requirements link your identity permanently to your tokens. Closed-source codebases mean the security model is a promise, rather than a proof.

Authentication is load-bearing infrastructure, and most teams treat it like an afterthought. For engineers managing credentials across multiple environments, professionals handling accounts for multiple companies, or enterprises with strict data residency requirements, a cloud-synced, account-tied 2FA is a liability. Citadel Auth gives teams a 2FA solution they can actually audit, control, and trust without depending on a third party to keep it safe.

Citadel Auth uses "Profiles" — high-level containers for separate contexts like Personal, Work, or Client — with "Groups" inside each profile for granular token categorization. Tokens can be pinned, tagged, and searched across all profiles simultaneously.

citadel-auth-profiles-and-groups

Built on a Zero-Knowledge architecture, there are no external accounts, no cloud sync, and no telemetry. Your 2FA secrets live on your device, encrypted locally with AES-256-GCM, and nowhere else. The master password is never stored and is unrecoverable by design. Lose it, and the vault is sealed.

The app is RFC-compliant, supporting TOTP (RFC 6238) and HOTP (RFC 4226) with configurable SHA-1, SHA-256, and SHA-512 algorithms, custom digit counts and time periods, and native Steam Guard support. Tokens can be added by QR scan, manual entry, or URI import, fully compatible with migrations from Aegis, 2FAS, and Ente Auth. Data is encrypted at the file level via SQLCipher, protected by its built-in PBKDF2-HMAC-SHA512 key derivation, and exported backups go a step further, re-encrypted with an Argon2id-derived key before export. Biometric unlock and auto-lock are built in, with the security layer fully separated from the UI.

This is the standard we hold ourselves to, and Citadel Auth is coming soon to the App Store and Google Play. Meanwhile, explore the open-source repo on our GitHub.

Ready to get to the headlines?

Talk to one of our solution experts and start the journey.

Book the Call