Passwords mark the first step in account security, but they’re not sufficient to keep accounts safe in this day and age. Enter two-factor authorization (2FA), a ‘double lock’ that dramatically enhances account security. When using 2FA, there are several options for getting the second authentication code: text messages, authenticator apps, and hardware keys being the most common.
2FA stops hackers (or anyone else) from remotely accessing your account if they know your log-in details (or can force their way in). 2FA does this by requiring an additional form of authentication that’s different from something you know (passwords or answers to a security question are something you know as your have to memorize it).
Authenticator apps are one of the more secure 2FA options available. Authenticator apps provide codes (also known as tokens) that you input in addition to your password in order to access your account. Authenticator apps are a major upgrade from text messages because someone could get ahold of your phone, or worse, steal your phone number (via SIM-jacking or SIM-swapping) to get your messages on their phones. This is the most frequent way that account takeovers happen to people who are using 2FA.
The most popular authenticator app is Google Authenticator, and Microsoft Authenticator is another choice – but while those are solid choices we prefer and recommend one called Authy.
Authy is a free authenticator app available on iOS, MacOS, Android, Chrome, and Windows devices. It generates codes for any of your linked accounts and it’s one of the more secure authenticator apps available.
You can link Authy to your supported accounts using QR codes. Just scan the code, and Authy will start generating codes for that account.
Authy’s code generation isn’t dependent on online access so if you’re on airplane mode or your phone has no access to the internet, you can still generate codes for your accounts.
You can access Authy via passwords, pins, or touch ID. All account data is encrypted on the cloud and any codes are generated on the device itself so a hacker can’t access them remotely.
This is one of Authy’s major differentiators and a huge selling point. You can sync your Authy account across multiple devices and platforms without having to relink all your accounts manually. You can also manage which devices have access to your Authy account. If you happen to misplace a device with Authy installed, you can disable it via one of your other Authy-installed devices.
Easy to use back-up
If you enable authenticator backups, (available if you have Authy on multiple devices) your 2FA data is encrypted and stored on the cloud (any tokens are still device-generated). Backups require a password and ensure that if you lose a device, you aren’t completely locked out of your accounts. This solves a common issue many authenticator apps run into. If a device is lost, you lose access to many accounts and it becomes a major problem to reinstate those accounts. With Authy’s back-up feature, you don’t run into that risk.
Life with Authy
Linking your account with Authy (and any authenticator app) is usually the most time-intensive step but as we mentioned, Authy (and other authenticator apps) offer a QR code scanning option which saves a lot of time.
One thing to note is that not all accounts support authenticator apps as a form of 2FA (or they may not support 2FA at all). If that’s the case, you’re not able to use Authy (or any authenticator app) to secure that account. To see what you can or can’t use with Authy, check out Authy’s compatibility site here.
Once you’ve linked your accounts with Authy, you simply log into your accounts with a password then check your app for the code Authy has generated for that account. Tokens are refreshed consistently so you don’t have to initiate a code generation.
For certain accounts, Authy supports push-based notification. This means you don’t have to enter in a generated code, all you have to do is push a verification button on the Authy app and you’ll have access to your account. It’s a small change but it adds up if you’re logging into several accounts and services on a daily basis.
Authy’s most attractive feature is its easy to use backup option and multiple device support. Without this convenient feature, you may find yourself refusing to use an authenticator app on a new device because of the time it takes to set up for each account. The same issue arises in the case of a lost device.
Authy solves these problems while still maintaining your account security, all for free.