Pricing Plans

Start a free trial, choose your plan when ready. All plans include all features.

Save two months by paying annually.


For startups and small teams

$490 $49 / year / month

Try for free

What's included

  • 10 Users
  • 10 2FA Tokens
  • Basic Support
Most popular


For established companies

$1990 $199 / year / month

Try for free

What's included

  • 50 Users
  • 50 2FA Tokens
  • Premium Support


For larger organizations

Let's talk

Contact us

What's included

  • More Users
  • More 2FA Tokens
  • Active Directory Support (coming soon)
  • Audit Log (coming soon)
  • Enterprise Support
All prices excl. VAT, if applicable

Included in all plans


Simply export as CSV. You own and control your data.

GDPR Compliance

Compliance baked in, right from the start.

Support via Email

Support from real humans (the founders of Daito) at your fingertips.


Daito is built with proven security and encryption standards.

Use on any device

The authenticator is web-first and web-only. Access and manage your company's 2FA tokens from any browser and OS.

Role-based access control

Give IT teams and admins full control, limit regular users.

No second device needed

No more worrying about lost, malfunctioning or missing devices.

Privacy by design

We only collect & store the bare minimum of necessary data to provide the service.

Frequently asked questions

Can’t find the answer you’re looking for? Reach out to our customer support team.

What's the difference between a user and a 2FA token?
A user is a user account, that you need to log in to Daito and use it. A 2FA token is a TOTP (a time-based one-time password) that is generated for you by Daito, based on the 2FA seed data you feed it.
Why is web-based 2FA without a second device as secure as 2FA with a second device? Isn’t the 2nd device what makes 2FA secure?
Web-based 2FA without a second device is as secure as app-based 2FA with a second device if your threat model is to defend primarily against automated large-scale attacks and not against targeted attacks (e.g. hackers for hire, or state-sponsored attacks).

It is not primarily the second device that improves your security, it is the second authentication factor in the form of a time-based one-time password (usually a 6-digit number that changes every 30 seconds) as this delays the overall attack process and produces more work for the attacker.

A second device adds an additional layer of security on top of this, as a device is something not shareable with somebody else, but it is not the primary reason for the security of 2FA.

Additionally, the reliance on a second device also means that you have to manage and secure an additional device and ensure it is not lost or stolen.
What data do you define as "bare minimum of necessary data to provide the service"?
We do not use external marketing platforms, such as Google Analytics or Hotjar. The data we collect and the cookies that are set by the app are not for tracking, but for ensuring the app's functionality (such as "remember me" functionality).

We track and audit all user actions, for security monitoring as well as for performance management purposes. If we collect data we keep it on our own systems or adequately anonymize it before sending it to an external service.
Who is behind Daito Authenticator?
The Daito Authenticator is a product from Elster Intelligence, a small Berlin, Germany-based software company.

Elster Intelligence was founded by Jan Sroka, a former Big 4 information security professional after experiencing first hand in hish 15+ years career that 2FA tokens often need to be shared in smaller companies and that lots of companies unnecessarily open themselves to risk by not protecting all (shared or not shared) accounts with 2FA.

Jan holds numerious advanced IT security certificaitons (CISA, CISSP, CISM) and is reachable at