Pinterest Stumbleupon Whatsapp
Ads by Google

I have been interested for quite some time now about the importance 10 Tips For Safe & Secure Shopping Online This Holiday Season 10 Tips For Safe & Secure Shopping Online This Holiday Season The Holidays are almost upon us once again. And that can only mean one thing - yep, its time to buy gifts at the last minute again! But how do you avoid criminals while buying... Read More of two-factor authentication Lock Down These Services Now With Two-Factor Authentication Lock Down These Services Now With Two-Factor Authentication Two-factor authentication is the smart way to protect your online accounts. Let's take a look at few of the services you can lock-down with better security. Read More – 2FA – (or two-step authentication What Is Two-Factor Authentication, And Why You Should Use It What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More ). In fact, just recently, I discussed the advantages of using a YubiKey Does YubiKey Make Two-Step Authentication Less Annoying? Does YubiKey Make Two-Step Authentication Less Annoying? If you find two-factor authenication a pain, you'll be happy to hear that there is now another option. Let's take a look at how YubiKey can make your online accounts more secure. Read More instead of an authentication app, which streamlines and speeds up the whole 2FA process.

2FA

But YubiKeys cost money, and you may not want to spend money on a security feature you can use for free. Therefore, you will need a good smartphone authentication app to generate the codes to get into your account. Today, we will look at five possibilities. Others have been tried, tested, and ultimately discarded; these survived the rigorous testing at O’Neill Labs, helped by my assistant, Beaker.

First, a Quick Look At Google Authenticator

2016-03-18 14.14.39

Before we start looking at alternatives, let’s take a look at Google’s app Google Recommends 2-Step Process To Protect Your Account [News] Google Recommends 2-Step Process To Protect Your Account [News] Most savvy Internet users probably have at one at least Google account - mainly because Google, for good or bad, crosses paths with so many other websites that it's hard to avoid not using the... Read More . You may not be familiar with it, so it’s useful to have a quick look for comparison purposes. Google Authenticator is very well made and more than does the job it promises. There are some Google products which are “meh” and some which are superior. Authenticator definitely falls into the latter camp.

The 2FA process for various accounts (and many are supported), differs from site to site. But to switch on 2FA for Google accounts, you first need to go here and click on Start Setup.  Enter your phone number and how you would like the number verified (a SMS is usually easiest). Enter the verification code you are sent, and switch on 2FA.

Ads by Google

To use the Authenticator app, you will have to choose the Switch To App option on the Google webpage. Now open Authenticator, and tap the “+” icon at the top right hand side. This will pop up two options at the bottom of the screen. Choose Scan barcode.

2fa_scanbarcode

When you choose Switch To App on the Google website, a QR code appears What Are QR Codes? Digitize Your World & Back Again What Are QR Codes? Digitize Your World & Back Again Read More . Use Authenticator’s QR code reader to scan the code, and the account will appear on the Authenticator screen. Enter the six digit code from Authenticator into the website box and click Verify and Save. Everything should now be tickety-boo.

From now on, whenever you are asked for a 2FA code, just open up Authenticator, get the current code, and enter it on the account screen. The little countdown icon to the right of the code will tell you how long you have until the code changes.

Now that you have an overview of Google Authenticator, let’s take a look at those five free equivalents. It’s worth setting up a dummy email account and trying them all out to see which one ultimately meets your standards.

Authy

authy

Authy has positioned itself as the clear rival to Google Authenticator, and right off the bat, it does have one clear advantage. It offers to back up all of your saved accounts, in case you have to wipe the phone, or if you change phones. This is it does by encrypting the information and storing it in the cloud.

Authy also distinguishes itself by offering a desktop app, as well as the smartphone version. So you don’t have to be handcuffed to your phone if you don’t want to. Instead, you can get your codes directly from your desktop computer screen. If you don’t own a smartphone or tablet, Authy is particularly useful, allowing you to finally use 2FA.

Finally, it offers passcode protection, so no-one can just casually access your codes. Why has Google not implemented this with Authenticator?

Authy describes its aim as finding a solution to “a complex problem – killing passwords”. Whether that will happen or not, nobody knows. But they sure make one solid app which gives Google a serious run for their money.

Duo

duo1

Duo is very visually pleasing. The dark green color, the “interesting” logo, the huge numbers. The only thing which lets the side down is the lack of a countdown clock, so you could be in the middle of typing the number in, only for it to change suddenly.

Duo also knocks Google Authenticator down a notch by offering iCloud backup of all your information. But the downside to that is that it can only be used to restore to the same phone, not to a new phone. So if you have to reset the phone to factory setting for example.

Most intriguingly, Duo also works on ordinary cellphones and landlines, and even BlackBerrys and Windows Phones! So, all the rare, antique devices then.

HDE OTP

hdeotp1

HDE OTP also offers their users passcode protection, to stop the snoopers from snooping. The app is compatible with all of the popular services — Google, Facebook, Amazon Web Services, Dropbox, Evernote Evernote Now Extending Two-Step Verification To All Users Evernote Now Extending Two-Step Verification To All Users Evernote has just extended their Two-Step Verification program to all users to ensure account holders can improve their security. Read More , WordPress 4 Ways You Can Add Two-Factor Authentication To Your WordPress Blog 4 Ways You Can Add Two-Factor Authentication To Your WordPress Blog Read More — to name a few. The only limitation to this app though is that it is only available for iOS. So, sorry users of other operating systems.

But if you are an iOS user, and want something simple, without many bells and whistles, this is a solid contender to think about.

Authenticator Plus

authenticatorplus2

Authenticator Plus is a free app, but when you start it up, you are told that if you are willing to pay a very small one-time payment, it will unlock lots of other features, as you can see below. You can easily reject the offer though and continue using it for free. It doesn’t seem to nag you again.

authenticatorplus1

To get the full benefit of Authenticator Plus, you should really crack open the wallet or purse and pay the few Euros/Dollars that it asks for. As you can see, it is quite clearly worth it, and puts Google Authenticator to shame.

Everything is encrypted with a passcode, and you can import/export your settings from/to iCloud What Is iCloud Drive & How Does It Work? What Is iCloud Drive & How Does It Work? If you have updated your iPhone or iPad to iOS 8, and your Mac to OS X Yosemite, then you're ready for Apple's iCloud Drive. But what is it, and why should use it? Read More and Dropbox. Paying the payment gets you cool features such as organizing accounts into categories, cross-platform syncing, and automatic backups.

If I had to choose a preference to Google Authenticator, this would be the one I would highly recommend.

Sound Login Authenticator

soundlogin1

I’m going to end with one which is very interesting, but I think it is ultimately a bit of a gimmick. It’s still very intriguing though as it shows that a wide range of different possibilities to the 2FA situation are actively being researched. Who would have thought sound would play a part in generating one-time codes?

As is obvious by the name of the app, this option relies on sound to generate the one-time codes. As well as the apps, it also requires that you install a browser extension (Chrome, Firefox, or Opera). Your PC should also have a microphone (we’re dealing with audio, remember?).

When you want to log in, point your phone to the PC microphone, and tap the account on the smartphone screen that you want to access. The app will give off a short ringtone which transmits the temporary code to the browser extension. This pre-fills the code into the website you’re trying to log into. So there’s no typing involved. Just point the phone, tap, and wait.

It was a bit glitchy though, giving me inaccurate codes at first, but in the end, I got it to work just fine. So it looks as if the rough edges on this one need to be smoothed out, making it impractical as your sole 2FA application. Still worth looking at for the novelty value alone.

Conclusion

safe

In an era where hacking and identity theft are on the rise, it is absolutely essential that you enable two-factor authentication Lock Down These Services Now With Two-Factor Authentication Lock Down These Services Now With Two-Factor Authentication Two-factor authentication is the smart way to protect your online accounts. Let's take a look at few of the services you can lock-down with better security. Read More . But the key to sticking with it is to find a 2FA solution which you are comfortable with. Whether that’s an app or a YubiKey is a matter of personal preference. But hopefully this article has shown that you don’t always have to follow the Google line, however much they try to convince you otherwise. There ARE other options out there.

Have any of these apps piqued your interest? Or do you already have a firm favorite? Let us know your preferences in the comments below.

Image Credit: Safe – Pixabay

  1. Sam
    November 17, 2016 at 2:21 pm

    One more interesting alternative should be mentioned. I am talking about recently released reprogrammable hardware tokens Protectimus Slim mini. You can write the Google Authenticator seed in such token with the help of a special app and a smartphone supporting NFC, and it will replace the app. It is well known that hardware tokens are much more reliable than software ones. So this is a good news.

  2. Elena
    June 9, 2016 at 1:15 pm

    The best alternative I've used and still using for my website is UNLOQ . It's not just for mfa, but also for transaction authorisation and encryption. Works on all platforms and allows customisation.

  3. Landon
    May 26, 2016 at 2:00 pm

    I use Protectimus Smart app, and it is also good. It is easy to use, protected with the PIN code, and compatible with the smartwatch. It's a pity this app wasn't mentioned in the article.

  4. fcd76218
    April 7, 2016 at 2:23 pm

    I just checked out the Authy site. For all intents and purposes their focus is exclusively on mobile applications. Other than admitting that they do have a desktop option, they offer very little info about it. There is a tutorial but it is only for mobile devices. It seems that the desktop app is something the company would very much like to dissociate itself from.

    • Mark O'Neill
      April 8, 2016 at 1:53 pm

      Really? I didn't get that impression about the desktop app. Interesting you should say that.

  5. fcd76218
    April 7, 2016 at 1:09 pm

    "But YubiKeys cost money"
    For those that do not own a smartphone, purchasing a YubiKey is way cheaper than buying a smartphone. You cannot assume automatically that EVERYBODY owns or even wants a smartphone.

    • Mnemo
      April 7, 2016 at 1:21 pm

      There are alternatives that do not require a mobile phone like Authy as mentioned above.

Leave a Reply

Your email address will not be published. Required fields are marked *