This was originally written and posted by Albert Khoury on June 26, 2021 on komando.com.
A strong password is a given when it comes to securing your accounts. It should be a complex combination of letters, numbers and alternating capitalization. It should not be short. While remembering a strong password is difficult, password managers take the guesswork out of all this.
Nearly 8.4 billion bad passwords were recently leaked online as part of a breach and yours may be among them.
Having a strong password is just the first step. You want to add extra layers of protection as hacks and breaches become more prevalent. Authenticator apps, like password managers, automate this process.
Two-factor authentication
You can never be too safe when it comes to online security and two-factor authentication, or 2FA, will beef up your defenses. It can be something only you know (an answer to a question), something you have (your device), or who you are (a fingerprint, voice pattern or facial scan).
If any of these factors aren’t recognized, you won’t be able to get into your account. Take, for example, a passcode sent to your phone. Only you should be able to unlock your phone and see the passcode, so there’s your 2FA. The problem is your phone or SMS can be hacked, giving access to that code to an unwelcome party.
Authenticator apps
An authenticator app is usually installed on your smart device. It generates one-time passcodes consisting of 6-8 digits every 30 seconds. The code expires after 30 seconds, so if someone manages to get a hold of it, it won’t work after that time has passed. You don’t need to provide a phone number to the app, and the app itself is unique to your phone.
Setting up an authenticator app with a site usually consists of scanning a QR code with the app to save a secret key. After that, whenever you log in to that site, it sends a code to your app generated from the secret key initially created plus the current time.
Which authenticator app is right for you?
You want an authenticator app that securely backs up your account info in case you lose or replace the device you installed it on. Not all apps are compatible with all platforms, so that’s a factor to consider as well. Let’s check out some of the more popular ones.
Google Authenticator
Google’s authenticator app is simple and easy to use and works on both iOS and Android. Setup is as easy as taking a picture of a QR code.
Google Authenticator’s simplicity comes at the expense of some features. It doesn’t back up your account codes online. You can’t lock the software itself, so if someone unlocks your phone, they can access your codes.
If you need to set up Google Authenticator on a new device, you’ll have to go through the setup process and add all your accounts again.
Microsoft Authenticator
Microsoft’s authenticator app also works on iOS and Android. Setup involves taking a picture of a QR code.
Microsoft Authenticator securely backs up your account data to the cloud so you can use it and add it to multiple devices. If you use this app with your Microsoft accounts, you can access them with one tap, thanks to the app’s built-in password manager.
LastPass Authenticator
If you already have a LastPass account, you can set up LastPass Authenticator by tapping a notification. Having a LastPass account also lets you create a backup of your codes if you need to install the authenticator on a new device.
LastPass Authenticator works best when integrated with a LastPass account. It works with the password manager to enable one-tap access to your accounts, though this feature is limited in its scope of sites.
Duo Authenticator
For organizations of all sizes that need to protect sensitive data at scale, Duo is the user-friendly zero-trust security platform for all users, all devices and all applications. Designed for the modern workforce and backed by a zero trust philosophy, Duo is Cisco's user-friendly, scalable access security platform that keeps your business ahead of ever-changing security threats.