What Are Authenticator Apps and Why Should You Use Them?#
Authenticator apps are mobile applications that generate secure codes for verifying your identity when you log into online accounts, serving as a second layer of defense known as two-factor authentication (2FA) or multi-factor authentication (MFA). Even if your password is guessed or stolen, an attacker cannot log in without the time-based code generated by your authenticator app. Examples include Microsoft Authenticator, Google Authenticator, Authy, and Dashlane.
Why Use an Authenticator App?#
- Better Security: Passwords are easily guessed or stolen. Authenticator apps require a unique, time-sensitive code in addition to your password, making your accounts much harder to compromise.
- Phishing Protection: Even if you are tricked into entering a password on a fake site, the attacker won’t have your 2FA code.
- Works Offline: No need for SMS codes, which can be intercepted. Authenticator apps run locally and work anywhere.
- Quick Approvals: Some (like Microsoft Authenticator) let you approve logins with a tap, rather than entering codes.
Where Can You Use Authenticator Apps?#
Most popular online services support authenticator apps:
- Microsoft, Google, Amazon, Facebook, Instagram, Twitter/X, GitHub, banking/finance, email providers, and many cloud services.
- Look for “Two-Factor Authentication,” “Security,” or “Login Methods” in your account settings.
- For discovering which services support 2FA and authenticator apps, 2fa.directory is an excellent comprehensive resource. It categorizes thousands of websites and services by industry—banking, gaming, government, social media, cloud computing, and more—and shows you which support two-factor authentication and which support authenticator apps. This directory helps users easily verify whether their favorite sites have added MFA for enhanced security.
How to Set Up Popular Authenticator Apps#
Microsoft Authenticator#
- Download: Install from App Store or Google Play.
- Open and Add Account: Tap “+” to add a new account.
- Enable 2FA on the website/service, choose “use an app,” and scan the QR code.
- Enter the authentication code from your app to confirm.
- (Optional) Add recovery options.
Google Authenticator#
- Download: Available for Android/iOS.
- Add Account: Tap “+” for “Scan QR Code” from a website’s 2FA setup.
- Enter the generated code back on the site.
Authy#
- Download: Install for Android, iOS, Windows, or macOS.
- Register: Enter your phone number and email, verify with SMS/call.
- Add Accounts: Use “+ Add Account” and scan website QR code.
- Cloud Backup: Authy’s special cloud backup helps restore your codes on new devices.
Dashlane Authenticator#
- Download: Get the app from your store.
- Add Token: Use the prompts to scan the website’s QR code, then confirm.
Quick Comparison Table#
| App | Main Features | Cloud Backup | Multi-device | Price |
|---|---|---|---|---|
| Microsoft Authenticator | Tap approvals, hides codes, MS account | Yes | No | Free |
| Google Authenticator | Simple, groups accounts | Yes | Yes (now) | Free |
| Authy | Cross-platform, cloud backup, PIN/FaceID | Yes | Yes | Free |
| Dashlane Authenticator | Simplicity, integrates with Dashlane | No | No | Free |
Final Tips#
- Set up backup and recovery options for each app.
- Store backup codes securely.
- Periodically review which accounts you’ve protected with 2FA.
Some websites provide one-time security codes that function as backups in case the user loses access to their authenticator app. These codes can be written on paper and stored in a safe.