Long and complex passwords are an excellent first step for protecting your online accounts from hackers. However, if a criminal is able to crack the code, they still can access your information. That's where multi-factor authentication comes into play. It creates a unique, time-limited key that needs to be inserted by the user to unlock the website. While many sites already provide this type of code via SMS, it's not advisable to use this method because hackers can sometimes hijack SMS messages. Instead, it's better to go for an authentication app such as Google Authenticator or Authy. Both support iOS and Android, and both get the job done, though in slightly different ways.
Google Authenticator is the most popular two-factor authentication app on the market. It's completely free, it's available for iOS and Android, and users can add an unlimited number of accounts as long as these support 2FA.
The application is very user friendly, making it perfect for even the less tech-savvy people out there. There are already many websites that support Google Authenticator, and the user just needs to enable this 2FA method on the desired service, take a snapshot of the QR code, and they’re done.
Google Authenticator presents some downsides, though. First, it's not possible to sync the app with other devices or create a backup of the added accounts. Basically, getting a new mobile phone means having to go through the tedious process of adding all the accounts again. Secondly, it's not possible to protect the app by adding a PIN or something similar, which means that anyone with access to the mobile phone can open the application and see all the information.
While there are a few websites (such as Twitch) that work specifically with Authy tokens, the app actually works with any website that supports Google Authenticator. Like the latter, Authy also adds accounts by taking pictures of the QR codes provided by the sites. But unlike the Google app, Authy offers multi-device support and backs up an encrypted version of the 2FA codes on the cloud. Furthermore, the app is available not only for iOS and Android, but for Windows and macOS as well. This means that regardless of how you’re trying to access your account, Authy will be a click away, giving you the 2FA code required to log in.
Considering that Authy requires a phone number and sends a text message with an activation code, it doesn't offer the most secure setup process. Moreover, since Authy tokens are saved in the SIM card, it's safer to always use the Google Authenticator token instead. Nonetheless, it does provide the option to protect the app with a PIN, providing its users an extra layer of security.
Google Authenticator and Authy are both reliable authenticator apps. People looking for a simple and easy-to-use app should get Google Authenticator. The same goes for users who want a higher security level in the two-factor authentication process. However, bear in mind that anyone who can crack the phone can access the app and all information. On the other hand, Authy secures the authentication codes better by providing the option to PIN-protect the app. Furthermore, Authy is the perfect solution for users who change phones frequently or want to have the software synced on multiple devices. Since all information is encrypted, you can rest assured that nobody will be able to get their hands on your codes as they travel between the device and the cloud. People already using a password manager can also change to a provider that offers this feature, such as Enpass or 1Password.
Best Password Managers of 2020
|Editor's Choice 2020|