Skip to main content

The Best Authenticator Apps for Improving Safety of Your Accounts

Alessio has an experience as a Google Product Expert and as a bug hunter, having reported security vulnerabilities to Google and Apple.

Everyone's digital life is regulated by accounts: whether they are used for accessing online banking, social media websites, email or online gaming platforms, accounts are like virtual houses everyone have in several spaces of the internet. These, just like a real house, are subject to the risk of violation by malicious users seeking for money stored at the bank or for personal email: this is the main reason why an account should be always protected. Despite some people tend to give more importance to their physical assets (like their house) and extend the same level of care maybe just to the most sensitive accounts like those used for online banking, every digital presence should be adequately protected independently from how much relevant would be an eventual violation for the owner.

Online banking accounts are among the most sensitive targets of attackers.

Online banking accounts are among the most sensitive targets of attackers.

Authenticator Apps Help to Protect Personal Accounts

Among the best security tools available to protect accounts from violation, authenticator apps are maybe second only to physical tokens in terms of safety. These apps work with multi-factor authentication option that most providers of online services are already offering to their users in order to prompt a temporary disposable PIN code in addition to the username and password. Usually, this additional form of authentication involves sending the temporary code to a registered phone number via SMS or by phone call. The alternative provided by physical tokens requires these devices in order to gain access to an account and so it eliminates the need of temporary passwords. In between, authenticator apps are tools used to generate OTPs without having them sent to a registered phone number.

Authenticator Apps Are Both Convenient and Safe

Authenticator apps are among the best tools to ensure safety of digital accounts because of several reasons that make them a convenient choice even over other forms of multi-factor authentication options:

  • they eliminate the risks associated with an eventual violation of personal phone number: despite these kinds of attacks are relatively rare, episodes of SIM swapping are still something that may happen to anyone owning a mobile phone number. It may be as simple as being able to achieve doing social engineering with someone working at a mobile phone carrier, maybe even better in case someone manages to get a copy of our personal ID (in a period in which everyone can even open bank accounts in minutes just by taking photos to the ID and sending them to someone else, it may be clear that our IDs are not as private as one may believe). SIM swapping means someone else manages to get our private phone number: one can report the fraud immediately, still, in the meantime, someone else have unlimited access to temporary codes used to protect personal accounts.
People should protect their online accounts just like they would do with their physical belongings.

People should protect their online accounts just like they would do with their physical belongings.

  • in case of phone loss, authenticator apps are often easy to be recovered, provided that appropriate backup has been made in advance. This is not the case of physical tokens: keeping more than one is surely a good way to reduce the risk of losing access to the account in case a token stops working or gets loss, still, being tied to a physical device instead of an app that can be easily recovered on a new phone carries still a relative risk of being unable to access personal accounts in case of issues with the physical tokens and no alternative authentication methods have been previously implemented.
  • authenticator apps are always ready to generate temporary codes. In case, for some reasons, there is no mobile phone signal because of a temporary disruption but there is still access to internet thanks to WiFi, one does not need to wait until their phone line works again before gaining access to their account.

There are various choices of OTP generators and most of them are completely free to use. Below are reported three of the best authenticator apps one can choose in order to definitely protect their accounts against malicious attackers.

Google Authenticator

This is maybe the most popular OTP generator ever. It allows to bind personal Google Accounts protected with multi-factor authentication and also generate codes for accounts hosted at other providers offering this additional form of protection.

Pros:

  • good for people who are comfortable using Google ecosystem of apps and services;
  • easy to set up;
  • easy to backup and restore;
  • good also for people not using a Google Account.

Cons:

  • it does not currently offer cloud backup option, even if this limitation can be easily bypassed by saving a copy of tokens on the device and uploading it manually to Google Drive.
Scroll to Continue
Google Authenticator app icon on iOS device

Google Authenticator app icon on iOS device

Authy

Authy is one of the most popular alternatives to Google Authenticator. It has some additional features like desktop support, multi-device capability and the most important one: integrated cloud backup of tokens. All these features make Authy a very good choice for people that needs some advanced features in addition to a simple OTP generator. Still, in order to use this app, it is required to create an account with our personal phone number: this means that using Authy may still carry the remote risk of SIM swapping, making it a good app, but not certainly an alternative to simply registering phone number for receiving directly the codes through multi-factor authentication.

Pros:

  • it has advanced features not provided by many of the alternative apps;
  • it has a very pleasant UI.

Cons:

  • it actually requires mobile phone number for signing up.

Microsoft Authenticator

This app not only allows to generate codes for accounts protected with multi-factor authentication (including Microsoft profile): it also acts as a vault for storing passwords in a safe way and for enabling auto-fill whenever attempting to log-in somewhere within the mobile browser or an app. This makes Microsoft Authenticator not simply an OTP generator, but a full password management solution with only one aspect to be considered: a Microsoft Account is required for using it, unlike Google Authenticator which is available even to people not using Google online services.

Pros:

  • it is not only an authenticator app, but a full password management solution;
  • it has cloud backup feature.

Cons:

  • it requires a Microsoft Account in order to be used, so it is good only for people who are already using Microsoft services or still have interest in signing up for an account with Microsoft even just for using this app.
A Microsoft app loaded on an iOS device

A Microsoft app loaded on an iOS device

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2022 Alessio Ganci

Related Articles