Best authenticator apps for Android, iOS, Windows, and macOS

by

If you use two-factor authentication with one-time codes generated in an app, Google Authenticator is not your only option. Since Google’s original solution was created a decade or so ago, a number of alternatives that outperform it in convenience and functionality have come on the scene.

As recently, you could count available authenticator apps on one hand, but with a few dozen in the mix now, it is easy to get lost in the options. To help you choose an authenticator that works with your operating systems, we have grouped the 10 most noteworthy by OS:

  • Authenticator apps for Android: andOTP, Twilio Authy, Google Authenticator, Microsoft Authenticator, Cisco Duo Mobile, FreeOTP
  • Authenticator apps for iOS: OTP auth, Step Two, Twilio Authy, Google Authenticator, Microsoft Authenticator, Cisco Duo Mobile, FreeOTP, iOS built-in authenticator
  • Authenticator apps for Windows:2FA Authenticator Desktop, 2FA Authenticator, WinAuth, Twilio Authy
  • Authenticator apps for macOS: Step Two, OTP auth (paid version only), Twilio Authy

1. Google Authenticator

Operating systems: AndroidiOS

Anyone reading this post is probably already familiar with the overwhelmingly popular Google Authenticator. However, we can’t write about authenticator apps without mentioning this one — and we can use Google’s authenticator as a baseline for evaluating the other programs.

Pros:

  • No need to create an account,
  • Face ID/Touch ID protection for app access (iOS version only),
  • Simple interface with minimal settings,
  • Ability to export and import all tokens at once,
  • Ability to search by token name (iOS version only).

Cons:

  • No login protection (Android version),
  • Inability to hide codes,
  • No cloud backup/sync,
  • Greater potential risk, because of ease of exporting tokens, if the unlocked app falls into the wrong hands.

2. Microsoft Authenticator

Operating systems: AndroidiOS

Many people looking for an alternative to Google Authenticator turn to Microsoft Authenticator based solely on the reputation of the developer. They’re partly justified: The Microsoft app includes a few useful additions to the basic set of features. For example, it can hide codes on the screen and store tokens in the cloud, and both the iOS and Android versions protect app logins. Microsoft Authenticator also comes in handy if you work with Microsoft accounts regularly, in which case you do not need to enter a code, just tap the button in the app to confirm login.

However, this app also has drawbacks. First, the Android and iOS apps use completely incompatible cloud backup systems, and you can’t transfer tokens any other way. For users of devices with different operating systems, that would be a deal-breaker. Second, Microsoft Authenticator needs about 10 times the storage space of Google Authenticator, 150MB–200MB compared with 15MB–20MB.

Pros:

  • PIN-, fingerprint-, or Face ID–protected access,
  • Cloud backup/sync,
  • Hides codes,
  • No account required (as long as you keep cloud backup disabled),
  • Greatly simplified Microsoft account login,
  • Support for Apple Watch (iOS version).

Cons:

  • Microsoft account login necessary for backup/sync (Android version only),
  • Incompatibility between iOS and Android backup/sync systems,
  • Inability to export or import tokens,
  • Large (requires 150MB–200MB).

3. Twilio Authy

Operating systems: AndroidiOSWindows, macOS, Linux

Twilio Authy’s main advantage is its comprehensive cross-platform support. Not only does Authy offer versions for all current operating systems, but also, the app syncs them all handily. That easy access does come with one disadvantage, though. The app requires an account linked to your phone number to work at all.

Twilio Authy has apps for every operating system

The app’s interface looks very different from those of other authenticators. Instead of a list, it has something like a set of tabs, so at any given moment, it displays only the selected token, leaving the rest to appear as small icons that you can switch between at the bottom of the screen. If you have a lot of tokens, that can be inconvenient. Desktop users can display tokens as a list, but the option isn’t available in the mobile version.

Pros:

  • PIN-, fingerprint-, or Face ID–protected access,
  • Cloud backup/sync,
  • Availability for all popular operating systems,
  • Support for Apple Watch (iOS version),
  • Ability to search by token.

Cons:

  • Requires an account linked to a phone number,
  • Displays only one token at a time,
  • Inconvenience of searching for tokens,
  • Inability to hide the active token’s code,
  • Inability to export and import tokens.

4. Cisco Duo Mobile

Operating systems: AndroidiOS

Duo Mobile, acquired by Cisco in 2018, is one of the oldest authenticator apps. Its main advantage is a clean, user-friendly interface. Duo Mobile also hides codes from view and does not require an account. However, the software lacks other important features: first and foremost, access protection, which neither the iOS nor the Android version has.

Pros:

  • Clean, user-friendly interface,
  • Ability to hide codes,
  • No need to create an account,
  • Cloud backup/sync,
  • Apple Watch support (iOS version).

Cons:

  • No access protection,
  • Inability to export or import tokens,
  • Incompatible backup/sync systems for iOS and Android.

5. FreeOTP

Operating systems: AndroidiOS

This open-source authenticator app was created after Google closed its Authenticator source code. The FreeOTP interface is ultraminimalistic, with nothing superfluous. This minimalist approach is especially apparent in the iOS version, which lacks even the option to create a token based on a secret key, leaving only QR-code scanning. The Android version retains both options, and it offers a lot of flexibility in manual token creation, letting users choose the type of generation (TOTP or HOTP), the number of characters in the code, the algorithm, and the refresh interval for the codes.

Pros:

  • No need for an account,
  • Simple interface,
  • Hidden codes as default,
  • Codes automatically hidden after 30 seconds of inactivity,
  • Minimal storage requirement,
  • Touch ID or Face ID protection for tokens (iOS version only),
  • Ability to search by token name (iOS version).

Cons:

  • Inability to generate a token with a secret key (iOS version; requires scanning a QR code),
  • Inability to export and import tokens,
  • Inability to backup/sync,
  • Lack of access protection.

6. andOTP

Operating systems: Android

The andOTP authenticator has everything you can think of to conveniently and securely save tokens, and then some. For example, andOTP’s features include tag support and search for tokens by name. There is also an option to connect a “panic button” so that in case of emergency, you can erase all tokens from the app and reset.

Pros:

  • Access protection with a PIN or password set in the app, or with the OS login PIN or fingerprint,
  • Ability to view the secret key or QR code for any token,
  • Ability to export all tokens at once to an encrypted file in Google Drive,
  • Code-hiding,
  • Automatic hiding of codes when the user is inactive (after 5–60 seconds, configurable),
  • Automatic locking of the app when the user is inactive (after 10–360 seconds, configurable),
  • Flexible token searching by name or using customizable tags,
  • panic button
  • Flexible and plentiful settings.

Cons:

  • Android-only availability,
  • Ease of key retrieval, meaning greater risk if the unlocked app falls into the wrong hands.

7. OTP auth

Operating systems: iOSmacOS ($5.99)

If you are an iPhone user who read the above descriptions of andOTP and started to feel jealous of Android owners, we have good news for you: A cutting-edge authenticator app for iOS is also available. The creators of OTP auth clearly understand the problems of people who use 2FA in a lot of services, so this app features a system of folders for organizing token storage.

Pros:

  • Ability to view the secret key or QR code of any token,
  • Ability to export all tokens to a file at once,
  • iCloud backup/sync,
  • Folder system for organized token storage,
  • Apple Watch support,
  • Configuration of code display format,
  • Access protection with password or Touch ID/Face ID.

Cons:

  • Exists only for iOS and macOS (and only as a paid version for macOS),
  • Inability to hide codes,
  • Icon customization available in paid version only,
  • Greater potential risk, because of ease of key retrieval, if the unlocked app falls into the wrong hands.

8. 2FA Authenticator Desktop

Operating systems: Windows, download from Microsoft Store

2FA Authenticator Desktop is a elegant and easy to use authentication app design for Windows platform. It is available on the Microsoft Store. 2FA Authenticator Desktop brings the future of strong authentication to the convenience of your Windows device. The 2FA Authenticator Desktop app generates secure 2 step verification tokens on your device. It helps you protect your account from hackers and hijackers by adding an additional layer of security,

The verification code can be generated by the 2FA Authenticator Desktop app on your Windows, even if you don’t have a internet.

Pros:

  • No unnecessary features,
  • No need to create an account,
  • Ability to scan QR codes on screen
  • Ability to scan QR file
  • Ability to add manual
  • Ability to search by token name.
  • Ability to export and import token
  • Very lightweight

Cons:

  • No access protection,
  • Does not hide codes,
  • No cloud backup

9. 2FA Authenticator

Operating systems: Windows, download from Microsoft Store

2FA Authenticator is a elegant and easy to use authentication app design for Windows platform. It is available on the Microsoft Store. 2FA Authenticator adds an extra layer of security to your online accounts by adding a second step of verification when you sign in. This means that in addition to your password, you’ll also need to enter a code that is generated by the 2FA Authenticator app on your desktop.

The verification code can be generated by the 2FA Authenticator app on your Windows, even if you don’t have a internet.

Pros:

  • No unnecessary features,
  • No need to create an account,
  • Ability to scan QR codes on screen
  • Ability to scan QR file
  • Ability to add manual
  • Ability to search by token name.
  • Ability to export and import token

Cons:

  • No access protection,
  • Does not hide codes,
  • No cloud backup

10. WinAuth

Operating systems: Windows

WinAuth targets gamers primarily. The app’s unique superpower is its support for nonstandard tokens for authentication in Steam, Battle.net, and Trion/Gamigo games. If you are looking for an alternative to Steam Guard, Battle.net Authenticator, or Glyph Authenticator/RIFT Mobile Authenticator, this may be the app for you.

Pros:

  • Support for nonstandard tokens for gaming services, meaning it can replace Steam Guard and Battle.net Authenticator, as well as Glyph Authenticator and RIFT Mobile Authenticator,
  • Support for token export in an unencrypted text file or in an encrypted archive,
  • Codes hidden,
  • Automatic code hiding after more than 10 seconds of user inactivity,
  • Access protection through password or YubiKey (that is, U2F),
  • Additional password protection available for each token,
  • Portable, with flash drive and cloud storage options,
  • Can encrypt stored data,
  • Ability to scan QR code from file (local or on the Internet).

Cons:

  • Steam token creation requires giving WinAuth your Steam username and password,
  • Using a two-factor authentication app on a PC is not advisable in general,
  • No version for other operating systems,
  • Greater potential risk, because of ease of key retrieval, if the unlocked app falls into the wrong hands.

11. iOS and macOS built-in authenticator

Operating systems: iOS (built in to the system), macOS (built in to the Safari browser)

Starting with iOS, all versions of the iPhone’s operating system have a built-in 2FA one-time code generator. To find it, go toSettings → Passwords, select a stored account (or create a new one), and under the heading Account Options tap Set Up Verification Code…. The rest is as usual: You can either scan the QR code or manually enter the secret key — or scan the authenticator QR code right from the camera app and then add a token to an existing account in Passwords. Inconveniently, the latter method will not prompt you to create a new account.

Pros:

  • Availability on every iPhone (iOS 15 and later) and every Маc (regardless of OS, Safari 15 and later),
  • No need to create a separate account,
  • Ability to add a token directly from the camera app (but only to an existing account; it won’t work for creating a new one),
  • Autofill for one-time codes,
  • Access protection using Touch ID or Face ID,
  • iCloud backup/sync.

Cons:

  • Location in the depths of iOS or Safari settings,
  • Display of only one token at a time,
  • Inability to hide codes,
  • Visible account password next to the code (iOS version),
  • Storage of 2FA tokens and passwords together antithetical to principles of two-factor authentication,
  • Inability to export and import tokens.

Leave a Comment