HP TECH TAKES /...
Exploring today's technology for tomorrow's possibilities
Subscribe
Best Authenticator Apps for Multi-Factor Authentication
Tom Gerencer
|
February 9, 2023
Cybercrime and online fraud are running rampant, and choosing the best authenticator app is one of the best ways to protect your online identity and all your accounts. When it comes to defending a business and its employees against hacking, fraud, and theft, multi-factor authentication (MFA) should be as prevalent as password use.
These apps work by stepping in between you and your software with a replacement for your passwords. Instead of a single phrase, you’re equipped with a combination of a unique and permanent key, the current time, and a one-time code that you only send in one direction.
This guide lists the best two-factor authenticator apps on the market, including Microsoft Authenticator, Authy, and Google Authenticator. Our top pick is Microsoft Authenticator for its robust security, wide integration, and ease of use.
What is an authenticator app?
An authenticator app takes security a step beyond passwords and even beyond traditional two-factor authentication (2FA) for your accounts. The app uses a secret key (not your password) to create a unique code and log you in. It’s more secure than ordinary 2FA because it doesn’t use a message that someone could intercept.
To break into an account secured with an authenticator app, an attacker would need to access the user’s secret key and the encryption algorithm, or somehow spoof that one-time, one-direction code. Since it’s very difficult to do either of these, authenticator apps are among the most secure login methods available today.
How authenticator apps work
The secret key generated by authenticator apps is stored in both the app and your online account. When you log in with a 2FA app, it uses that key – plus the current time – to create a one-time code. The app sends that code to the account, which also generates the same code.
Since the identical codes are generated independently, it’s very difficult for someone to hack or steal them. That’s not true with codes sent from an account to you, which you then copy-paste and send back into the account.
Robust security
The one-time codes you have probably used on your smartphone can be intercepted if someone spoofs your phone’s SIM card or if they use a man-in-the-middle attack. Authenticator apps don’t use SIM cards or mobile networks.
These one-time code (and key) authenticator apps aren’t infallible, and they can still be hacked, but cracking into them is very rare compared to hacking into other security protections.
How we chose the best authenticator apps
We conducted deep research to find the best authenticator apps on the market. We tried out each app and aggregated review scores from both user ratings and professional reviewers. We also took the number of each app’s negative reviews into account, because positive ratings can often hide a lopsided number of 1-star reviews.
1. Microsoft Authenticator App: Best overall app
Microsoft Authenticator is hands-down the best authenticator app available. With 4.7-star ratings from more than 800,000 satisfied users, this free app is fast, simple, secure, and passwordless. You can use your fingerprint, face, or a PIN to sign into the app, then let it usher you into all your online accounts from there.
This 2FA app also comes with a handy password access management feature that can generate and store your passwords locally. It’s easy to add a new device to the app without jumping through an obstacle course of digital hoops. The user interface is surprisingly modern and intuitive, too.
MS Authenticator works seamlessly with the entire suite of Microsoft apps and Microsoft accounts. It offers single-factor authentication as another option for gaining access.
2. 2FA Authenticator: Best for Android and iPhone
An excellent free authenticator app, the 2FA app by 2FAS is well-loved by its users with just shy of 5 stars from more than 20,000 fans. This multi-factor authentication app has an intuitive interface that’s always stable and never glitchy. You can also use it on multiple devices, with no need to sync.
This app is not only free, but very nearly ad-free too. It also stores your encrypted data in the cloud (iCloud, in the iOS version) for optimal security. One drawback is that there’s no Windows version, so you can’t use it to authenticate your Windows 10 or Windows 11 device.
A handy backup feature adds the peace of mind to know you can always log into your accounts, even if you lose your phone or tablet. Overall, this is a simple, ironclad entry in the authentication app market.
3. Authy
Authy by Twilio is another one of the best authenticator apps on the market. With 4 stars on Google Play and 4.7 on the App Store from tens of thousands of happy users, it’s an easy-to-use, secure option that doesn’t disappoint. You can set up the app on multiple devices (including an Apple Watch) and kiss your passwords goodbye.
This 2FA app is easy to set up, plus it’s secure and never needs to access any of your passwords. Instead, it uses unique, encrypted tokens, which you can choose to back up locally or in the Cloud in case you ever lose a device. All encryption happens locally, so even if someone hacks your Cloud backup, they still can’t access your accounts.
This app has a useful desktop app, too, which is perfect for whenever you need to log in but your phone isn’t nearby. A remote login feature grants secure access to enterprise users who work from home.
4. Duo
The Duo 2FA authenticator app is targeted to business users. Part of the Cisco product offering, it boasts several enterprise features, including a handy multi-user deployment function. Its Duo Push feature lets you log into your accounts without copy-pasting any numbered verification codes. You simply tap and enter.
One drawback of the Duo app is that it’s not as easy to configure as the other options on our list. Signup requires extra info like a company name and number of employees, plus a screenshot of a QR code. You also need to hunt through a long menu of account types to get started.
This MFA app integrates well with non-Apple smartwatches, with no pins, passwords, or biometrics needed. It works instantaneously, too, which is a nice feature when time is at a premium.
5. LastPass Authenticator
More an Android favorite than an iPhone standout, LastPass Authenticator integrates seamlessly with the LastPass password vault. It’s simple to set up, too. You just download it, log in, and scan a barcode on your device. It provides one-tap entry and easily restores encrypted tokens to any new device.
The Apple Watch interface is not the most intuitive, and the interface may be glitchy at times. This can present serious problems for enterprise users, who may get locked out after a wonky software update.
6. Google Authenticator App
Google’s authenticator app is a good option, but it definitely lags behind in the authentication game. The search giant seems focused on getting started and improving things later, and its app has a fairly low-frills setup. Plus, functionality is limited to authentication only.
One major flaw with Google Authenticator is that if you lose or factory reset your phone, there’s no way to transfer the app’s data to a new device. With that warning in mind, this is still an easy-to-use authentication app that provides an extra layer of security. It also provides the convenience of forgetting all your passwords and tapping straight into your Google and non-Google accounts.
Why use an authenticator app?
As online breaches grow in size, sophistication, and financial damages, authenticator apps are more than just a good idea. They’re swiftly becoming the new normal to defend personal and business accounts online. In 2015, there were 59 million cybersecurity incidents worldwide. By 2020, that number ballooned to 300 million.
As the number of online breaches continues its exponential growth curve, authenticator apps are a necessary tool.
Authenticators tame the password beast
Have you noticed it’s getting harder to keep track of passwords? The average American has more than 100 passwords to wrangle. The most common solution is to keep that thicket of passwords in an insecure Word document on a PC. That’s not a good solution, and authenticator apps offer a workable alternative.
Two-factor authenticator apps do away with password use by providing a password vault. They do this by using unique keys – not passwords – to access your account.
MFA vs 2FA
MFA uses two or more forms of authentication to verify your identity when you log into an account. 2FA is a form of MFA that uses only 2-step verification (and not 3 or 4-step).
Summary
Authenticator apps have evolved from a good idea to necessary security. If you’re not using an authenticator app, you will be soon. If you don’t, you may soon face unmanageable risk in our connected world. Our favorite authenticator app is Microsoft Authenticator for its slick user interface and reliability.
