Usernames and passwords aren’t enough to protect your accounts any longer. In an environment that calls for critical security, the industry is moving toward requiring three-factor systems, which requires three things:
- Something you have (such as your password)
- Something you have (such as your phone)
- Something you are (such as your fingerprint)
In the early days of two-factor, the “something you have” was a key fob (and many cases where mobile devices aren’t appropriate, it still is). However, between the rise of security management on mobile devices and so many services now supporting the apps, there are some quality choices available for managing two-factor access to services. Below are some good options, as well as our thoughts on each.
It’s important to point out that many sites will explicitly say Google Auth – however, it doesn’t matter what app you’re using. If it supports Google Auth, it supports any of the below.
Being a Microsoft partner supporting many companies using Office365, our preferred two-factor application is Microsoft’s Authenticator. It provides the best experience with Microsoft services, allowing you to simply tap Approve or Deny instead of looking up and copying over a 6 digit code. However, it also supports that code system for other non-Microsoft services. On iPhone, Microsoft Authenticator can back up to your iCloud (as of this writing, Android backups are planned, but not yet implemented). The primary downside to the Microsoft authenticator is that it is mobile device only, and the lack of Android backups is a pretty large hole for something so important. However, if you’re an all day, every day Microsoft user, this is your answer, hands down.
Authy is the best overall application for two-factor accounts. While it does support push notifications, it’s up to the service to support the push, so it’s not very frequent. However it has some substantial benefits over Microsoft’s Authenticator, in that the accounts can be backed up (and will follow you if you get a new phone), and the accounts can be accessed on multiple devices. If you’ve standardized on Authy and manage to forget your phone that day, you can simply load up the Authy PC app, and access all the same accounts. You can even access your codes from your Apple Watch.
Last but not least, Google Authenticator is another quality option. We firmly believe that Authy provides the best experience aside from the benefits that Microsoft provides, so there’s not a lot to say about this one. If you don’t like the UI in Authy, you may find the Google one better, but most reviews disagree. Regardless, it is a quality product from a trusted name and the best known two-factor app on the market. It is limited to mobile devices only.