Is it time for an extra helping of security for your online accounts and your sensitive online information? Are you increasingly worried about online scams like identity theft? If you answered “yes!” to any of the above, then it may be time to consider an authenticator app. You may have heard of them, but what is an authenticator app exactly? Available for many different devices, including iPhones, Android phones, tablets, and PCs, this software in shining armor offers an additional line of defense against unauthorized users gaining access to your data. Rather than using just one password to log in to an account, these little bodyguards demand a second credential, creating a crucial stumbling block for potential hackers! That’s why they’re also referred to as two-factor authentication apps (2FA) or multi-factor authentication (MFA). So, even if your password is stolen, hackers can’t use it to access your online account because they’re missing the vital next step.
Authenticator apps can help make your digital playground—whether you’re sending emails or banking online—that little bit safer. Read on to find out how they work and to decide if they’re right for you. We’ve also included a handy list of the most common apps to help you choose.
How do authenticator apps work?
In a nutshell: Quickly! They generate a six- to eight-digit security code that’s valid for a specific time frame (usually 30 seconds). This may seem rather rushed, but it’s important: Imposing a time limit can give hackers less of a chance to gain remote access to your device and steal the code. So far so good, but who or what generates these numbers? It’s usually a standard HMAC-Based One-Time Password (HOTP) algorithm developed by the Internet Engineering Task Force (IETF). It’s important to note that at no time does the IETF have access to the codes! As soon as you receive an active code (usually by text message), you can use it to log in to your online accounts. But hurry! Don’t be distracted by a passing cat, coffee, croissant, etc., or you’ll miss the time window, and your code will expire. Then you’ll have to generate a new one.
This may be right for me…but how hard is it to install an authenticator app?
Thankfully, you’re in for an easy ride, as authenticator apps are simple to set up and use. Visit the relevant app store, such as Google Play Store or the Apple Store, and download the app to your device. Then take a look at your online accounts to see which ones support two-factor authentication and select the option to connect them to the app. The account website will then usually send you a key or QR code to finish the set up. These steps do vary depending on the type of account, but here is an example from Gmail:
- On your Android device, go to your Google Account.
- At the top, tap the Security tab. If you don’t see the Security tab, swipe through all tabs until you find it.
- Choose “Signing in to Google” and tap 2-Step Verification.
- Under “Authenticator app,” tap Set up.
- Follow the on-screen steps.
OK, I’m sold! Now, how do I find the best authenticator apps?
The most popular authentication apps are available on several platforms, usually for Android and Apple devices, while others can be accessed on Windows and Mac computers. You’re spoilt for choice, but it comes down to your operating system and the security features you prioritize. If you have a smartwatch, you may want an app that works with your watch. Some apps allow you to lock software, so if someone else uses your phone, they can’t access your accounts or login codes. Other apps ensure that all your data is encrypted and decrypted on your device and not through a third-party server. Above all: A reputable provider is essential. That’s why we’ve listed the key players below and outlined the pros and cons.
Often considered the easiest and most basic authenticator on the planet, the Google authenticator allows you to scan a QR code to add two-step verification quickly and easily to your account. You can also type in a setup key.
- Easy to use
- No Google account necessary
- No cloud backup
- Limited features (E.g.: no support for Apple watches)
- No login protection (Android version)
The Microsoft Authenticator app offers an easy login process for all your online accounts and is available for iOS and Android devices. It provides a prompt for a second verification method after you’ve signed in with your username and password. You can also set it to sign in without a password, using your username, plus your fingerprint, face, or PIN on your mobile phone.
- PIN-, fingerprint-, or face ID-protected access
- Cloud backup
- A top choice for organizations and schools
- Some compatibility issues if used together on both Android and iPhones
- Microsoft account login necessary for backup/sync (Android version)
- Large (requires 150MB–200MB)
Is this currently the best-rated 2FA app based on Google Store, Apple Store, and Android store ratings? We haven’t counted, but the manufacturer is confident. This flexible app is one of the few to leap nimbly across multiple platforms, including Windows, Mac, Android, and Apple devices, plus the Apple Watch. So, if your daily life is a mix of devices, Twilio Authy may be the one for you. Set up a free Authy account and get 100 free authentications per month and free support. Thereafter, you’ll pay a minimal amount for further authentications. If backup is a priority, you can encrypt your 2FA data and store it in the Authy cloud.
- Easy cross-platform performance
- PIN-, fingerprint-, or face ID-protected access
- Competitive pricing
- Cloud backup
- Dated interface needs a make-over
- Requires an account linked to a phone number
Cisco Duo Mobile
It’s no surprise that Cisco Duo Mobile is popular with enterprises. It features multi-user deployment and multiple authentication controls, including push notifications, biometrics, and passcodes. Plus, it comes with Duo Restore so you can back up Duo-protected accounts and then help recover them on new machines. Duo Mobile is free for up to 10 accounts and if you’re using it as an individual, you’ll probably keep below this limit. Beyond this, it’s a nominal fee per month.
- Multiple controls and deployment options
- Cloud backup
- Corporate-friendly and user-friendly
- No need to create an account
- No access protection
- Incompatible backup/sync systems for iOS and Android
Meet the Apple authenticator! The Step Two authentication app is only available on Apple devices, so if you’re the proud owner of an iPhone, iPad, Mac, or Apple Watch, this one’s for you. As with Duo Mobile, you can add up to 10 accounts for free and for a one-time purchase you can use the app without restrictions. Plus, iCloud integration means your accounts are synced across all your devices. Created by designer Neil Sardesai, this authentication app stands out for its beauty and user friendliness. Form meets function.
- Beautiful design
- Extremely user friendly
- iCloud integration
- Apple only
Are you a fan of ultra-minimalism? Look no further than FreeOTP, the free, open-source authenticator app for Android and iOS. It’s sponsored and officially published by Red Hat, a global leader in enterprise open-source, so you can rest assured that it’s backed by a trusted big name.
- Simple interface
- No need for an account
- Super-light on storage
- Codes automatically hidden after 30 seconds of inactivity
- Lack of access protection
- No backup/sync or restore
- Not available on desktops
Calling all Android users who are also authenticator geeks: andOTP is the feature rich authenticator for Android only that serves up a buffet of techy delights. Features include tag support and the ability to search for tokens by name. You can also connect a “panic button” to erase all tokens from the app and then reset in case of an emergency. If you need to ask what a “token” is, this one’s probably not for you.
- App automatically locks after a set period of inactivity (10-360 seconds)
- Access protection with a PIN/password in the app, or with the PIN/fingerprint in the operating system
- If the unlocked app falls into the wrong hands, keys are easily retrieved
If you’re an iPhone user and felt a pang of jealousy when reading the above, we have good news: OTP auth is strictly for iOS and macOS operating systems, and particularly for those managing multiple users in corporate environments. View the secret key or QR code at any time for any token or export them all to a file on a smartphone. The app also supports iCloud sync.
- iCloud backup/sync
- Apple Watch support
- Access protection with password or touch ID/face ID
- Exists only for iOS and macOS (and only as a paid version for macOS)
Read on if you’re a gamer who uses Windows. This app’s strength is its support for non-standard tokens for authentication in Battle.net, Steam, and Trion/Gamigo games. WinAuth uses a password for logging in and for individual tokens. It also hides codes by default and lets you encrypt stored data.
- Can replace Steam Guard, Battle.net Authenticator, Glyph Authenticator, and RIFT Mobile Authenticator
- Codes hidden automatically and tokens can be encrypted
- Ability to scan QR code from file
- Two-factor authentication on a PC is not advisable
A final word on authenticator apps
Reputable authenticator apps like those outlined above help make it easier and simpler to improve your online security. In fact, two-factor authentication in general has become the new standard in online security and there are many forms. Although we’ve focussed on text messages in this blog, authentication can vary—from hardware tokens (like fobs) and voice-based analysis to biometric 2FA such as fingerprints, retina patterns, and facial recognition. It’s a brave new world indeed! And while we’re on the subject of extra online defence, never forget your first line of protection: A reputable antivirus, ideally alongside a software updater, and password manager. Avira offers multi-layered solutions like Avira Free Security and Avira Prime.