Android iPhone and iPad Security

The 5 Best Alternatives to Google Authenticator

Simon Batt Updated 23-03-2020

Google Authenticator is a useful app for keeping track of your two-factor authentication (2FA) keys, but it’s by no means the only one. If you feel it lacks a few key features, or you want something more open-source, there are other authenticators available to suit your needs.


Let’s take a look at some Google Authenticator alternatives, and why you might want one to begin with.

Why Replace Google Authenticator?

Google has tried to dip a toe into niches such as social media and gaming, with the latter getting a less-than-stellar score in our Google Stadia review Google Stadia Review: Console Free Gaming at a Price - Your Sanity! A promising cloud gaming experience hampered by unreliable setup, a limited launch library, and missing features. Read More . Google Authenticator, on the other hand, has over 10 million downloads to date, making it one of the most popular 2FA authenticators for Android.

While it is popular, it’s not perfect. Google Authenticator doesn’t ask you to verify your identity when you open the app. It also doesn’t hide the codes away when you open the app: every code is visible from the get-go. This makes it dangerous if someone gets a hold of your unlocked phone, as they can mess with your codes without issue.

Google Authenticator also doesn’t have any backup or phone transfer features. You can tell this is a problem by looking through some of the negative reviews for the app.

Some people have lost their phones and were locked out of their accounts. Others want to transfer the authenticator over to a new phone, only to find that Google Authenticator doesn’t support this.


As you can see, there’s plenty of reason to look for a Google Authenticator alternative. So, let’s break down five of the best, and how they improve upon Google’s formula.

1. Authy

Authy has positioned itself as a top rival to Google Authenticator. Right off the bat, it offers to back up all of your saved accounts, in case you have to wipe the phone or change phones. It does this by encrypting the information and storing it in the cloud.

Authy also distinguishes itself by offering a desktop app, as well as the smartphone version. This means you don’t need to be continuously tied to your phone for codes; instead, you can get your codes directly from your desktop. This is even more useful if you don’t have a smartphone or tablet.

It offers passcode protection, so no-one can just casually access your codes. As such, if someone gets hold of your unlocked phone, they still have the app’s passcode protection to break into before they can see your 2FA codes.


Blacking out any screenshots taken means Authy can stop malicious agents from snapping images of your codes. This may seem like overkill, but as we covered in our ways to protect yourself against keyloggers 5 Ways to Protect Yourself Against Keyloggers Keyloggers are one of the most feared threats to computer security. Heed these tips so you don't fall victim to hackers. Read More , malware can take snapshots of your screen to read your data.

Authy describes its aim as finding a solution to “a complex problem—killing passwords.” Whether that will happen or not, nobody knows. As for the case of Authy vs. Google Authenticator, however, Authy is a clear winner.

Download: Authy for Android | iOS (Free)


The HENNGE OTP website


HENNGE OTP also offers its users passcode protection to prevent casual snooping The app is compatible with all of the popular services—Google, Facebook, Amazon Web Services, Dropbox, Evernote, and WordPress, to name a few.

The only limitation to this app though is that it is only available for iOS, so Android users are out of luck. If you are an iOS user and want something simple without many bells and whistles, it’s worth trying this app for yourself.

Download: HENNGE OTP for iOS (Free)

3. Sound Login Authenticator

If you want to try something a little more unique, why not log in through sound? No more typing in those pesky codes; just have your phone make a noise, and you’re all signed in.


As is evident by the name of the app, this app relies on sound to generate the one-time codes. It takes a bit of initial setup; you need the app on your phone and the browser extension (Chrome, Firefox, or Opera). Your PC should also have a microphone (we’re dealing with audio, remember?).

When you want to log in, you point your phone to the PC microphone and tap the account on the smartphone screen that you want to access. The app will give off a short ringtone, which transmits the temporary code to the browser extension. This pre-fills the code into the website you’re trying to log into.

As such, this removes the need to quickly type in a 2FA code under a time limit. If you’re a slow typist and need something more comfortable than entering a six-digit code, you may find reprieve with Sound Login.

Download: Sound Login Authenticator for Android | iOS (Free)

4. FreeOTP

The FreeOTP website

If you’re a privacy advocate, you won’t want to touch any 2FA token generator that isn’t open-source. Fortunately, there are apps out there that respect your privacy and use an open-source base, so you can feel confident that companies aren’t harvesting your data.

FreeOTP is developed by Red Hat, an open-source developer that appeared in 1993. You can quickly add a generator with the QR code scanner, or enter your details manually. The app is very lightweight and straightforward, making FreeOTP a fantastic choice if you want a token generator you can trust and nothing more.

Download: FreeOTP for Android | iOS (Free)

5. andOTP

The andOTP logo

If you like the idea of an open-source token generator, but you don’t like FreeOTP’s lack of features, try andOTP instead. It keeps the trustworthy open-source base but adds a heap of useful features on top.

For instance, andOTP can backup your code generators on a server, with different levels of encryption available. You can change the theme if you’re a fan of dark mode. You can lock andOTP behind a password or a PIN code, meaning someone who picks up your phone doesn’t have access to all your codes without being challenged.

Finally, the app has the aptly-named “panic trigger.” If you think your phone is compromised, you can send the app a panic trigger. You can choose what the app does with this trigger; it can either wipe every account, reset the app to default settings, or both.

Unfortunately, at the time of writing, andOTP is only available for Android. As such, iOS users who want an open-source solution can stick with FreeOTP for the time being.

Dowload: andOTP for Android (Free)

Choosing Powerful Alternatives to Google

Google Authenticator has a huge number of downloads, but it’s by no means the best. If you’re looking for password-secured app access, backups, and open-source code, you’ll have better luck with the best Google Authenticator alternatives available.

If you’re ready to cut the cord completely, be sure to check out the alternatives to Google Search, News, Docs, and more Goodbye Google: The 15 Best Alternatives to Search, News, Docs, and More Do you want to switch away from Google for good? These are the best alternatives for all the major Google apps and services. Read More .

Related topics: Android Apps, Google Authenticator, iOS Apps, Online Security, Two-Factor Authentication.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Rob
    April 7, 2020 at 2:50 pm

    I strongly suggest that in the future when you write articles that you actually do your due diligence and actually research what you are writing instead of just going off of a review from someone that obviously didn't do their research. This is a serious disservice to your readers and perpetuates inaccuracies on the Internet.
    Google Authenticator CAN absolutely be moved between devices and the assumption that it can't shows a lack of understanding your field. Your first assumption should have been, "no, that doesn't make sense," just as mine was.

    One simple Google Search turned up this:

    Also, you should look into a FIDO standard key for physical 2FA to provide additional protection.

  2. Nitin
    February 12, 2019 at 12:07 pm

    TOTP Authenticator works like a charm. It overcomes all the shortcomings of Google Authenticator such as no option to back up codes. It beats other 2FA apps by providing more customization features. Plus, it is available for both Android and iOS!

  3. William Conor
    September 19, 2018 at 4:18 pm

    NIST, the National Institute of Standards and Technology issued guidance that found SMS insecure and no longer suitable as a strong authentication mechanism...

    I am using WebADM from RCDevs Multi-Factor Authentication with Hardware Token (U2F) and Hardware Security Modules (HSM) in order to comply with the highest security requirements...

    This Security Solution is like a Swiss Army Knife. So many features, just have a look at it.

    It is even free up to 40 users.

  4. Katy Wilson
    June 28, 2018 at 4:01 am

    I fully agree with the previous comments about Protectimus. It is really worth mentioning here. I did not have any problems with the app during 2 years of using. I contacted support just once when I deleted the app by mistake. The problem was solved quickly.

  5. Bill Morison
    June 22, 2018 at 10:15 am

    One more interesting alternative should be mentioned. I am talking about recently released reprogrammable hardware tokens Protectimus Slim mini. You can write the Google Authenticator seed in such token with the help of a special app and a smartphone supporting NFC, and it will replace the app. It is well known that hardware tokens are much more reliable than software ones. So this is a good news. By the way, you can order such token with your corporate logo on it. Branding costs 300 bucks, but it's good that it's possible. We ordered 50 branded Slims for our university and they look well.

  6. miele
    January 11, 2018 at 11:47 am

    Authy and GoogleAuth both have the disadvantage that they become very unfiendly to use when you have a huge number of accounts. Google really becomes a mess, without the possibility to edit the text, but also authy falls short, as you can only edit the username, but not the accoutname and they even shorten the name using ...
    Why waste so much screenspace on showing a HUGE number and show the most important data in very small boxes? At least the desktop version of authy has a show-list option, but here also the font is too large and you cannot resize the window.
    (ps. this only becomes a problem if you have 20+ accounts)

  7. Igor
    September 20, 2017 at 6:45 pm

    Yandex Key is also the best way

  8. hefnawy
    April 16, 2017 at 6:40 am

    Another good one should be mentioned:
    SAASPASS - Security as a service Pass management.
    that one is very sleek and handy, secure and intuitive.

  9. Sam
    November 17, 2016 at 2:21 pm

    One more interesting alternative should be mentioned. I am talking about recently released reprogrammable hardware tokens Protectimus Slim mini. You can write the Google Authenticator seed in such token with the help of a special app and a smartphone supporting NFC, and it will replace the app. It is well known that hardware tokens are much more reliable than software ones. So this is a good news.

    • Bill Morison
      June 22, 2018 at 10:20 am

      By the way, you can order such token with your corporate logo on it. Branding costs 300 bucks, but it's good that it's possible. We ordered 50 branded Slims for our university and they look well.

  10. Elena
    June 9, 2016 at 1:15 pm

    The best alternative I've used and still using for my website is UNLOQ . It's not just for mfa, but also for transaction authorisation and encryption. Works on all platforms and allows customisation.

  11. Landon
    May 26, 2016 at 2:00 pm

    I use Protectimus Smart app, and it is also good. It is easy to use, protected with the PIN code, and compatible with the smartwatch. It's a pity this app wasn't mentioned in the article.

  12. Anonymous
    April 7, 2016 at 2:23 pm

    I just checked out the Authy site. For all intents and purposes their focus is exclusively on mobile applications. Other than admitting that they do have a desktop option, they offer very little info about it. There is a tutorial but it is only for mobile devices. It seems that the desktop app is something the company would very much like to dissociate itself from.

    • Mark O'Neill
      April 8, 2016 at 1:53 pm

      Really? I didn't get that impression about the desktop app. Interesting you should say that.

  13. Anonymous
    April 7, 2016 at 1:09 pm

    "But YubiKeys cost money"
    For those that do not own a smartphone, purchasing a YubiKey is way cheaper than buying a smartphone. You cannot assume automatically that EVERYBODY owns or even wants a smartphone.

    • Mnemo
      April 7, 2016 at 1:21 pm

      There are alternatives that do not require a mobile phone like Authy as mentioned above.