Automation tools, compared
How Skyvern compares on ease of use and 2FA, without the green checkmark
Every comparison says the same two things: Skyvern is friendly, and Skyvern supports two-factor authentication. Both are true. Neither tells you what changes hands when an agent logs in for you. That is the part worth reading.
The short answer (verified 2026-06-17)
Skyvern is genuinely easy to use and it does support 2FA. But “supports 2FA” means you store your TOTP seed in its credential manager so it can generate codes for you. That is the same trade UiPath, Power Automate, and browser-use all make: to log in on your behalf, a tool has to hold your second factor. Mediar takes a different path entirely. It drives apps you are already logged into through Windows accessibility APIs, so your second factor never leaves your phone.
Verified against Skyvern’s own authentication documentation at skyvern.com/blog/how-skyvern-handles-authentication.
“User-friendly” is two questions, not one
When people ask whether Skyvern is friendlier than other automation tools, they usually mean the authoring experience: can a non-engineer set up a run without writing code. On that question Skyvern scores well. You describe the task in plain language or record a procedure, and a vision model reads the live page rather than a list of CSS selectors that snap the moment a site is redesigned.
But there is a second question hiding underneath, and it decides whether friendliness matters at all: can the tool reach the place your work actually happens. A delightful web agent is useless against an ERP screen rendered by a native Windows process. So compare on both axes at once.
Skyvern (browser agent)
- Authoring: Plain language, recorded SOPs, vision reading. Friendly.
- Reach: Websites only. No native SAP GUI, mainframe, or green screen.
- 2FA: Supported by storing your TOTP seed or a relay URL.
UiPath / Power Automate (enterprise RPA)
- Authoring: Studio-heavy. Powerful, but a learning curve and selector upkeep.
- Reach: Broad, including desktop, but brittle on legacy UIs.
- 2FA: Orchestrator credential stores plus OTP activities that need the seed.
Mediar (desktop accessibility agent)
- Authoring: Watch a workflow once, then it executes. No selectors to maintain.
- Reach: Native Windows apps: SAP GUI, mainframes, Jack Henry, Epic, Oracle EBS.
- 2FA: No seed stored. Human authenticates once; the agent drives the open session.
UiPath OTP behavior per UiPath community documentation; Skyvern 2FA behavior per Skyvern’s authentication blog.
What “supports 2FA” actually means
A second factor exists so that knowing your password is not enough. A time-based one-time password (TOTP) is generated from a shared seed, the long string encoded in the QR code you scan with your authenticator app. Whoever holds that seed can mint valid codes forever, on any device, no phone required.
So when an automation tool needs to log in unattended, it cannot just ask your phone politely. It needs the seed, or a live channel to fetch a fresh code. Skyvern is explicit and honest about this. Its credential manager exposes three fields for the job: totp_identifier, totp_secret, and totp_url. The middle one is the seed itself. The flip side is simple: the seed now lives in two places instead of one.
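The point that the seed is the second factor, as an added example (not Skyvern's or Mediar's code): a minimal RFC 6238 TOTP in Python in which a phone and a vault holding the same seed produce codes the verifying server cannot tell apart. The seed is the sample value from this page's credential listing; the function names, the two-holder scenario and the fixed timestamp are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

# RFC 6238 Appendix B test key (ASCII "12345678901234567890"), base32-encoded.
RFC_SEED = base64.b32encode(b"12345678901234567890").decode()
# Sample seed as printed in this page's credential listing; not a real account.
PAGE_SEED = "JBSWY3DPEHPK3PXP"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(seed_b32: str, unix_time: int, digits: int = 6) -> str:
    """RFC 6238: HOTP with counter = floor(time / STEP). Inputs: seed and clock only."""
    padded = seed_b32.upper() + "=" * (-len(seed_b32) % 8)
    return hotp(base64.b32decode(padded), unix_time // STEP, digits)


def verify(seed_b32: str, code: str, unix_time: int, window: int = 1) -> bool:
    """Server-side check; accepts +/- `window` steps of clock drift."""
    return any(
        hmac.compare_digest(totp(seed_b32, unix_time + d * STEP), code)
        for d in range(-window, window + 1)
    )


def two_holders(seed_b32: str, unix_time: int):
    """Hypothetical scenario: a phone and an automation vault hold the same seed."""
    phone_code = totp(seed_b32, unix_time)  # generated on the user's device
    vault_code = totp(seed_b32, unix_time)  # generated by the tool, no phone involved
    accepted = verify(seed_b32, vault_code, unix_time)  # server sees a valid code
    return phone_code, vault_code, accepted


if __name__ == "__main__":
    now = 1_750_000_000  # constructed timestamp so the output is repeatable
    print(two_holders(PAGE_SEED, now))
```

Nothing in `verify` depends on which device computed the code, which is why re-enrolling the factor with a fresh seed is the only way to retire a stored copy.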
Where the second factor ends up
# Skyvern credential, so it can log in for you
# (from how-skyvern-handles-authentication)
username: "ops@yourcompany.com"
password: "the-account-password"
# To clear the 2FA challenge, you hand over the
# second factor itself, one of these three:
totp_identifier: "ops-mailbox"    # which code to use
totp_secret: "JBSWY3DPEHPK3PXP"   # the seed from your authenticator app
totp_url: "<your-endpoint>/totp"  # Skyvern queries this for the code
# Now Skyvern holds your password AND your second factor.
# Both live in its vault, encrypted, but no longer only
# on your phone.

This is the anchor of the whole comparison, and you can check it yourself. Skyvern documents the totp_secret field in its authentication guide. Mediar’s execution engine is open source under the MIT license at github.com/mediar-ai/terminator, and there is no credential store in the executor. It locates elements by Name, Role, ControlType, and AutomationId in the Windows accessibility tree, and attaches to a window you are already signed into. The seed never enters the picture.
Follow the second factor through one login
The difference is easiest to see if you trace exactly where the seed and the code move during a single authenticated run. First, any tool that logs in for you:
A tool that logs in for you (Skyvern, UiPath cloud, browser agents)
Now Mediar. Notice that the seed never appears, because there is no step where software has to produce a code:
Mediar: drive a session a human already authenticated
The trade is real and worth naming plainly. Mediar’s model means a person is in the loop for the initial sign-in, which is a constraint browser agents avoid. In exchange, no seed is ever copied off the device that holds it, and there is no shared vault whose breach would expose both factors for every account at once.
“An LG-customer F&B chain moved from UiPath to Mediar and reports cutting automation costs by 70 percent, on the same legacy SAP B1 work.”
Mediar deployment, figure cited by the customer's CFO
Security is more than the 2FA line item
Two-factor handling is the sharpest difference, but it is not the only one. Because Mediar runs inside your existing Windows session on a machine you control, it operates entirely within your security perimeter. There is no separate cloud browser holding a copy of your logged-in state. Mediar is SOC 2 Type II certified and HIPAA compliant, every action is logged and auditable, and it deploys on-premise or in your cloud, which is what the regulated buyers running Epic, Cerner, Jack Henry, and SAP need before anything touches production.
To be fair to Skyvern: it has its own enterprise security story, with encryption at rest and in transit, and it states that no credential data is exposed to the language models during processing. If your targets are public websites and you are comfortable with a vendor holding credentials to run unattended, that posture is reasonable. The honest framing is not “Skyvern is insecure.” It is that the architecture forces a choice: to log in for you, it must hold what logs you in.
So the comparison resolves on what you are automating. If the work lives on the open web and unattended convenience matters more than keeping the seed on one device, Skyvern is a friendly, capable choice. If the work lives in legacy desktop systems with no API, and the accounts involved are the kind a security review will scrutinize, the accessibility-API approach is the one that does not ask you to copy your second factor anywhere.
Frequently asked questions
Does Skyvern support two-factor authentication?
Yes. Skyvern can log into accounts protected by 2FA. Its credential manager accepts a totp_identifier, a totp_secret, or a totp_url. The totp_secret is the seed you copy out of your authenticator app; once it is stored, Skyvern generates the time-based codes itself. The totp_url is an endpoint Skyvern calls to fetch a code at login time. Either way, the platform needs access to your second factor to clear the challenge for you.
Is Skyvern easy to use compared with other automation tools?
For web and SaaS work, yes. You describe a task in plain language or record a standard operating procedure, and a vision model reads the page instead of relying on brittle CSS selectors. That is genuinely friendlier than scripting Selenium or Playwright by hand, and friendlier than the classic enterprise RPA studios. The catch is reach: Skyvern is a browser agent, so a friendly experience on a website does not help you when the workflow lives in SAP GUI, a mainframe terminal, or a Jack Henry green screen that has no browser at all.
How is Mediar's approach to 2FA different from Skyvern's?
Skyvern logs in for you, so it has to hold your second factor. Mediar does not log in for you. A person signs into the desktop app once, including the real 2FA prompt on their own phone, and Mediar then drives the already-authenticated window through Windows accessibility APIs. There is no totp_secret field to fill and no relay URL to expose, because Mediar never needs to mint a code. Your possession factor stays where it belongs.
Do UiPath and Power Automate handle 2FA the same way as Skyvern?
Architecturally, yes, for unattended bots. UiPath's Orchestrator stores credentials and offers activities that sync with your authenticator app to generate one-time passcodes; as UiPath's own community docs put it, all it needs is the secret code provided during authenticator setup. Power Automate relies on similar credential and connection stores. Any tool that authenticates on your behalf, cloud or desktop, ends up holding the same secret that Skyvern asks for.
Is storing a TOTP seed in an automation tool actually a problem?
It depends on your threat model. The point of a TOTP second factor is that the seed lives in one place you physically control, usually a phone. The moment you copy that seed into a vendor's vault, a breach of that vault now exposes both factors at once for every account the bot touches. Vendors encrypt these secrets and that materially reduces risk, but it does not change the fact that your possession factor has been duplicated into infrastructure you do not own. For a handful of low-stakes web logins that may be fine. For banking core, EHR, or ERP credentials it is a board-level conversation.
Can I verify Mediar's no-credential claim myself?
Yes. The execution engine is open source. Clone github.com/mediar-ai/terminator (MIT license), and you can read how it locates elements by Name, Role, ControlType, and AutomationId in the Windows accessibility tree, and how it attaches to a running session rather than launching a fresh login. There is no credential store in the executor because authentication is the human's job, done once, up front.
Where does Skyvern win over Mediar?
On brand-new public websites with no API, where you want an agent to navigate, fill forms, and extract data across sites it has never seen. Skyvern's vision-plus-LLM reading of a live page is strong there, it is open source under AGPL-3.0, and per-step pricing keeps light web tasks cheap. If your automation target is the open web and you accept storing credentials to run unattended, it is a reasonable pick. Mediar's edge is the legacy Windows desktop layer that browser agents cannot reach.