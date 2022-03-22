Two-factor authentication (2FA) is having its moment and has become the standard for online security protection. 2FA is a digital authentication method that adds another layer of security when a user attempts to log into a website or app. For example, rather than only needing a password to get into an account, you might that another credential is now necessary.

Second forms of authentication through 2FA take many forms, such as hardware tokens such as fobs, SMS text-message and voice-based 2FA, and push notifications. Increasingly, some organizations are shifting towards biometric 2FA. Examples include fingerprints, retina patterns, voice prints, facial recognization, and more.

Authentication apps offer yet another type of 2FA — software tokens. These are auto-generated one-time passwords (OTP) that expire within 30 seconds. These usually take the form of passcodes. This short timeframe makes it nearly impossible for hackers to grab someone's second credential and use it before it becomes inactive forever.

These codes get generated using a standard HMAC-Based One-Time Password (HOTP) algorithm developed by the Internet Engineering Task Force (IETF). However, at no time does the IETF gain access to the codes.

The best authentication apps are available on various platforms, with most showing up on Android and Apple devices while still others also accessible through Windows and Mac computers. However, of the dozens of authentication apps available today, only a few are worth considering, including those mentioned below.

How most authentication apps work

Without fail, one of the easiest ways to begin using 2FA is by using your smartphone's camera and scanning a QR code provided by the company or website. Once you do, the authentication app gets to work by issuing an ever-changing unique code. That code is valid as the second form of identification for just a few seconds before the authentication app refreshes it.

You only have to scan the QR code once on a device. If you're using sync and backup (like many of the apps below), you probably won't have to scan a QR code during setup on another device. Otherwise, you will.

Is 2FA all the protection we need?

When 2FA options first arrived, many thought online vulnerability would finally end in the tech world. But, unfortunately, that isn't the case. 2FA, like every other form of online security, isn't 100% secure. Try as they might, a hacker or two will figure out a way to gain access to something they shouldn't. In January 2022, for example, Crypto.com was attacked. Nearly 500 accounts were compromised, and the thieves made off with more than $31 million in cryptocurrencies.

Despite its imperfections, 2FA still provides better protection than passwords alone..

Authenticator App by 2Stable

One of the most impressive authenticator apps on this list, the aptly named Authenticator App by 2Stable, offers a mix of great features. These include biometric authentication, a sync and backup option, and full encryption for whatever 2FA content you decide to store seamlessly on Apple's iCloud service. It's also one of the most straightforward authentication apps on the market.

The Authenticator App by 2Stable is free for anyone who only plans on storing one or two 2FA accounts. You can keep content across the company's iPhone, iPad, Mac, and Apple Watch apps and take advantage of family sharing, widgets, end-to-end encryption, etc. The freebie option doesn't include backup and synchronization, however. For $10 per year, every feature gets unlocked, including unlimited accounts and the ability to sync content across all platforms. Other features include Face ID and auto-lock.

2Stable also offers the freemium Photo Vault app that lets you store and protect your photos and videos from outside threats. It's available in the App Store.

Authenticator App by 2Stable is available for Mac and other Apple devices

Authy by Twilio

Authy is one of the few authentication apps offered across Windows, Mac, Android, and Apple devices, including the Apple Watch. This makes it an ideal solution for anyone who uses an interesting mix of devices (Windows PC, iPhone; Mac, Android) as part of their daily lives. It's also one of the least expensive. With a free Authy account, you get 100 authentications per month and free support. You'll pay $0.09 for additional authentications with no monthly commitment.

Perhaps strangely, Authy requires a phone number to set up a new account, which does feel a little bit invasive. Despite this, Authy provides lots of great 2FA features, including secure cloud backup.

Authy's app is easy to use, although it could use a design update. Compared to similar apps, it looks old by comparison. Nonetheless, it gets the job done. For additional security, you can protect your Authy account by using Touch ID, PIN protection, and passwords.

Authy by Twilio is available for multiple platforms including Windows, Mac, Android, and Apple devices

Duo Mobile

The most corporate-friendly 2FA authenticator on our list, Duo Mobile is now part of Cisco. As such, it provides developers with essential features like multi-user deployment. For end-users, Duo Mobile covers all of the bases by offering easy, one-tap authentication. It also includes Duo Restore that makes it relatively pain-free to back up Duo-protected accounts, then recover them on new machines.

Additionally, Duo Mobile supports multiple authentication controls, including push notifications, biometrics, and passcodes.

For up to 10 accounts, Duo Mobile is free. Beyond this, it could cost you as little as $3/month. Most individuals will probably be able to stick below the free limit, and save some monthly cash.

Duo Mobile is available for Android and Apple devices

Google Authenticator

Many folks have a love/hate relationship with Google and if you're in the latter category, you probably want to move on to the next option on this list. For everyone else, say hello to the easiest and most basic authenticator app on the planet.

With Google Authenticator, you can quickly add an account and use it at will. Beyond this, certain options are missing, including online backups and an Apple Watch app. For a company of Google's size, these omissions are surprising, especially since it offers users quick assess to Google Drive across many platforms.

If you're an Android user, it's probably wise to skip past Google Authenticator and use the tools available within the operating system on your mobile device. They're much better than the app. For everyone else, Google Authenticator works and it is free. It's also kinda boring, which is something else to consider!

Google Authenticator is available on multiple platforms including Chrome, Android, and Apple devices.

LastPass Authenticator

You might already be familiar with LastPass's password app, that's very popular across various platforms. LastPass Authenticator is a small extension of this, and it's free. Like similar options, LastPass Authenticator supports six-digit generated passcodes alongside SMS codes and automated push notifications.

To activate the app's backup feature, you'll need to set up a free LastPass account. Once you do, Lastpass Authenticator works more smoothly, regardless of the device.

If you're already a LastPass customer (with a free or paid account), it makes sense to use LastPass Authentication. It works wherever Google Authenticator is accepted.

You can find LastPass Authenticator for Windows, Android, and Apple devices

Microsoft Authenticator

It's probably a close draw on which authenticator app gets used in the wild the most, the one from Google or this one, Microsoft Authenticator. I'll take a guess and say it's the one from the Windows maker.

Microsoft Authenticator offers 2FA through phone sign-in or code generation. Increasingly, it's become a critical verification tool for organizations and schools alike, although it's also a popular choice with individuals not necessarily tied to a group.

The Microsoft Authenticator app is free to use across all platforms. However, I suggest not using this with iPhone and Android since the backup process is a tad wonky since the iOS version uses iCloud for backup purposes. Not surprisingly, iCloud isn't accessible to Android users. Otherwise, this is a terrific tool and one you'll see used in various places online.

You can use Microsoft Authenticator on Android and Apple devices

Step Two

Step Two is another authentication app that's only available on Apple devices. In this case, iPhone, iPad, Mac, and Apple Watch. Like with Duo Mobile, you can add up to 10 accounts for free. With iCloud integration, your accounts are synced across all of your devices. For a one-time purchase of $10, you can use Step Two without restrictions. You can also find Step Two on Setapp.

What stands out about Step Two is its beautiful design. The creator, Neil Sardesai, has taken the time to create an authentication app that stands out and is a pleasure to use, regardless of the device. Unfortunately, the same can't be said about other authentication apps like Authy, which need a makeover.

Step Two is available on Apple devices, including Mac and mobile

TOTP Authenticator by AppyFactor

Available on Android and Apple devices, TOTP Authenticator provides has similar features to the solutions above but with some extras. As part of a premium membership (a one-time fee of $5.99), you can unlock a Chrome browser extension that makes using the automatically generated codes easier. Also, with a premium account, you get cloud sync (through Google Drive), a feature that's free with other apps. If you use a free account, you can still export content from the app to use elsewhere.

TOTP Authenticator is currently available on Android and Apple devices.

