English 
Čeština 
Slovenčina 
Deutsch 
Español 
Italiano 
Nederlands 
Русский 
Tiếng Việt 
한국어 
日本語 
简体中文 
Authentication applications offers a safer way to log in to your site and web services thanks to two-factor verification (2FA). We will evaluate some of the most popular mobile applications for multi-phase verification and two-factor verification, so that you can choose the most suitable one for you.
In recent years, we've read about several serious data leaks and hacker attacks that clearly indicate that a mere password does not provide enough security to protect your online bank or social networking accounts. Two - factor verification (2FA or MFA, for multiphase verification) adds another layer of protection that we recommend to everyone. Authentication applications such as Authy, Google Authenticator, or Microsoft Authenticator provide one of the more secure forms of two-factor authentication. Using one of these applications can even help protect you from malicious attacks such as stalkerware.
What is 2FA 2-factor verification?
As the name suggests, it's simply a matter of using more than just a password to log in to your online account or application - adding more factor to the password. Experts classify authentication factors into three groups: something you know (such as a password), something you have (a physical thing), and something you are (a fingerprint or other biometric). If you use one of the authentication applications listed here, you will strengthen the password that you know using a token, smartphone or smart watch that you have.
What is the best multi-phase verification?
Yes, you can implement MFA, or multi-phase verification, simply by asking your bank page to send you a text message with a code, which you can then enter on the access page. However, it turned out that this is not the best way to perform 2FA. A weakness has recently been discovered in the SMS messaging system that allows fraudsters to redirect text messages. The authentication application on your smartphone will generate codes that will never travel over the mobile network, bringing with it the potential to detect and compromise data.
Almost every financial website offers the option to set up authentication on the security settings page, where you choose two-factor authentication or multi-phase authentication.
Most websites offer an easy way to send an SMS code, but look beyond that and look for support for the authentication application. The 2FA setup usually involves scanning the QR code on the page using an authentication application on your phone. You can scan the code on more than one device if you want to make a backup. You should also save the account recovery codes provided by the site and store them somewhere secure, such as in the password manager.
You might be interested in: Cryptocurr wallets and wallet hardware - TOP selection
How authentication applications work
If you then log in to the page from an unknown device, you will need to open the authentication application, unlock it, and find an entry for the page. Authentication applications generate time, one-time access codes (TOTP or OTP), six numbers that are refreshed every 30 seconds. You paste or copy this code into a secure application or page and you're there. A timeout means that if a malicious factor obtains your one-time passcode, it will not work for it after 30 seconds.
The codes are generated using math on a long code transmitted by scanning a QR code, and currently the application uses the standard HMAC-Based One-Time Password (HOTP) algorithm to generate a one-time password, approved by the Internet Technical Commission (IETF). These applications have no access to your accounts, and after the initial code transfer they no longer communicate with the site; simply and simply generate codes. You don't even need a phone signal to work.
For example, because the protocol used by these products is mostly based on the same standard, you can use Microsoft Authenticator to access your Google Account and vice versa. Although Microsoft Authenticator adds a convenient way to log in to its services such as Office, Outlook and OneDrive.
What you should ask of an authentication application
One of the things to look for when choosing one of these applications is whether the application backs up account information (encrypted, of course) in case you lose the phone on which you set everything. Authy, Duo Mobile, LastPass Authenticator and Microsoft Authenticator offer this option, while Google Authenticator does not.
Google's mobile OS offers the security advantage that Android prevents anyone from taking a screenshot if you have an authentication application open, while iOS allows screenshots.
For even better security, you can implement MFA with a dedicated device such as YubiKey. This device generates codes that are transmitted via NFC, Bluetooth, or you can connect the device directly to a USB port. Unlike smartphones, this device has the advantage that it serves only one purpose and is a truly secure device. While unlikely, it's possible that an malware-infected application on your mobile device could intercept the authentication codes generated by the phone's authentication application. Security keys have no batteries, moving parts, are extremely durable and do not require an internet connection - but they are not as practical to use as your mobile phone.
For even greater convenience, Authy and Microsoft Authenticator also offer applications for Apple Watch, which are missing for Google Authenticator and LastPass, for example. Because it was sold almost in 2020 only 36 million Of these WatchOS devices (that's 14 million more than the number of Apple Mac computers sold), it's a convenient option that could benefit more people.
To summarize: (1) They did you should use multi-step verification for all your online accounts. (2) Authentication applications provide better security than SMS codes. (3) Browse our summary of the most popular authentication applications below and set up your accounts with the application that suits you best.
Google Authenticator
The ad and search giant authenticator is a basic application that does not offer any embellished features. Unlike Microsoft Authenticator, Google Authentication does not add any special options for its own services, nor does it offer backup or password creation and management. Google seems more interested in setting up two-factor authentication using built-in Android tools than with an authentication application. Using an Android mobile for 2FA with a Google account (rather than a Google authentication app) is more convenient because you just need to click on your mobile and don't have to enter a six-digit code.
Unlike Autha, Google Authenticator lacks an online backup of codes for your account, but you can import them from your old to your new cell phone if you have the old one at hand. One minor concern is that Google Authenticator does not provide an application for Apple Watch.
Microsoft Authenticator
The application from Microsoft now includes the generation of a secure password, and allows you to log in to Microsoft accounts at the touch of a button. The authentication application will also allow schools and workplaces that use it to register users' devices. Account recovery is an important feature that you should enable if you use the application. If you buy a new phone, you will see a recovery option after installing the Microsoft authenticator, just log in to your Microsoft account and provide additional verification.
One problem is (and it's an Apple lock-in problem) that you can't transfer your saved 2FA accounts to an Android device if you've backed them up to iCloud, because the iPhone version requires the use of iCloud. Microsoft Authenticator offers another layer of protection: you can request that your phone be unlocked with a PIN or biometric authentication to gain access to the codes.
You can find password management options in a separate tab at the bottom. You can easily sync with the Microsoft account you've linked to the authenticator, and then you'll see the sign-in you've saved and synced from the Edge browser. In addition, you can easily use the Authenticator as a tool for filling in / storing passwords on your phone.
Duo Mobile
Duo Mobile is targeted at enterprise applications, especially now that it is part of the Cisco portfolio. The application offers enterprise features, such as the ability to deploy to multiple users at once, provisioning and one-click authentication, in addition to the one-time password mentioned above. A nice security bonus is that you can't use a Duo screenshot on Android (but you can on iOS). You can also back up Duo Mobile using Google Drive on Android and using iCloud KeyChain on iPhone.
LastPass Authenticator
This application is not associated with the LastPass password manager application, although it offers some synergy with the better-known password application features. Installing LastPass Authenticator is quick, and if you already have a LastPass account with multi-phase authentication enabled, you can simply enable LastPass by clicking the notification. Once you have the application set up with your LastPass account, it is easy to make a backup for your authenticator's accounts in the LastPass vault. This will make it a little easier to move to a new mobile phone.
Twilio Authy
Unlike the other applications in this summary, Authy requires your phone number when first set up. Not everyone may like this request, and it would probably be better if the application treated the phones as an anonymous piece of hardware, rather than something that is linked to your personally identifiable information. The possibility that this opens the application to possible fraud with the replacement of the SIM card was also mentioned. The Authy Help Center offers a solution, but it would be better if it worked like other applications without requiring a phone number.
Apple Watch users will appreciate that the Authy app is also available for their selected watches.
One of the great benefits of Authy is encrypted backup to the cloud, but it's a bit of a concern that by Authy support site you can add an account to the new phone using the "send PIN via call or SMS" function. There is also the option to enter a private password or passphrase that Authy will use to encrypt the login information for your cloud accounts. Only you know the password, so if you forget it, Authy will not be able to recover the account. However, this also means that no authorities can force Authy to unlock your accounts.
Also read: How easy to shop on Amazon? You don't have to worry about fraudulent deals
Interesting events for our readers
Binance
Obchodujte se slevou až 60% z poplatků a bonusem 600 USD
Phemex
Free bonus up to $ 2,500 upon registration and deposit
