Authenticator App


What Is an Authenticator App?

An authenticator app is a mobile app or browser extension that generates time-based or counter-based one-time passwords (OTPs). These apps provide the end user with a secure authentication factor for two-factor authentication (2FA).


Key Takeaways

  • Authenticator apps can be downloaded and installed on a mobile device or added as a desktop browser extension.
  • They are used for two-factor authentication.
  • Authenticator apps generate time-based or counter-based one-time passwords locally.
  • Authenticator apps can be paired with multiple web service accounts.
  • They provide better security compared to SMS-based two-factor authentication (2FA).

How Authenticator Apps Work

Authenticator apps use a shared secret key and a time-based or counter-based algorithm to generate one-time passwords (OTPs). The secret key is established during the initial setup process and is never transmitted over the network.

When the user logs into the service after set-up, they are asked for their username, password, and OTP. Some authentication apps provide an OTP automatically when the login process begins, while others require the user to initiate the OTP.

Once the user submits the one-time password, the service will verify the user’s credentials by checking them against an internal database and calculating the expected OTP. If the credentials are valid and the two OTPs match, the user will be authenticated.


Three Steps to Set Up an Authenticator App

Follow these three steps to set up an authenticator app:

  1. Enable 2FA in the security settings of the service you want to protect. Select “Authenticator app” as the method.
  2. Decide whether you want to use a mobile authentication app, add an authenticator app extension to your browser, or use an authenticator app that’s integrated into a password manager.
  3. Follow the installation instructions provided by the service. This typically involves scanning a QR code with your device’s camera or a screenshot function, or manually entering a setup key, to confirm the app and service are paired correctly.
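What the QR code or setup key in step 3 carries, as an added example (not from the original page). It assumes the service uses the common `otpauth://` key URI format with a Base32 secret, which the page does not name; the function names, the sample URI and the 128-bit minimum (the RFC 4226 requirement) are choices made here.

```python
import base64
from urllib.parse import parse_qs, unquote, urlparse


def decode_setup_key(key: str) -> bytes:
    """Normalize a typed-in setup key (Base32, often shown in spaced groups)."""
    cleaned = key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding stripped for display
    secret = base64.b32decode(cleaned)    # raises ValueError on invalid characters
    if len(secret) < 16:
        raise ValueError("shared secret shorter than 128 bits")
    return secret


def parse_otpauth(uri: str) -> dict:
    """Parse the URI a setup QR code encodes and validate it before enrolling."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc not in ("totp", "hotp"):
        raise ValueError("not an otpauth URI")
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "secret" not in params:
        raise ValueError("missing secret parameter")
    if parts.netloc == "hotp" and "counter" not in params:
        raise ValueError("counter-based enrollment needs an initial counter")
    return {
        "type": parts.netloc,                       # time- or counter-based
        "label": unquote(parts.path.lstrip("/")),   # account shown in the app
        "issuer": params.get("issuer"),
        "secret": decode_setup_key(params["secret"]),
        "digits": int(params.get("digits", 6)),
        "period": int(params.get("period", 30)),
    }


# Constructed sample URI (RFC test secret, made-up issuer and account).
SAMPLE_URI = ("otpauth://totp/Example:alice@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")

if __name__ == "__main__":
    print(parse_otpauth(SAMPLE_URI))
```

The QR code contains the shared secret itself, so a saved screenshot of it should be protected like the secret.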

Why Use an Authenticator App

Authenticator apps can be added as a desktop browser extension, or they can be downloaded from an app store and installed locally on a smartphone or tablet. This versatility supports 2FA on a wide range of operating system (OS) platforms.

Generally speaking, authenticator apps are considered to be more secure than SMS-based OTPs. Authenticator apps generate codes locally on the user’s device without needing to send them over a cellular network. This eliminates the risk that OTPs could be intercepted during transmission.

Authenticator App Examples

If you are wondering what the best authenticator app is, the answer depends on your specific needs and preferences.

Google Authenticator is one of the most widely used apps for generating 2FA codes because it’s user-friendly and versatile. It can be downloaded from Google Play and Apple Stores or added as an extension for Chrome, Firefox, or Edge browsers.

Google Authenticator is free to use, but it requires users to have a Google account. This authenticator app is good for non-technical users because there are plenty of easy-to-understand instructions for how to install and use Google Authenticator on tech websites and YouTube.

Other popular authenticator apps include:

Are Authenticator Apps Different From Password Managers?

Yes, authenticator apps focus on generating 2FA codes, while password managers focus on storing and managing passwords. It’s important to note, however, that some password managers have integrated authentication apps.

The integration can streamline the login process by keeping all authentication factors in one place and making them accessible for auto-fill features.

Are Authenticator Apps Secure?

Yes, authenticator apps are considered to be secure. If a threat actor manages to intercept a one-time password, it can’t be used without the shared secret key. And even if the threat actor manages to obtain the user’s regular password or passphrase, they won’t work without the code generated by the authenticator app.

It’s important to note that while the chances of an attacker successfully compromising an authenticator app are low, it’s not impossible. For example, an attacker could compromise the end user’s device and use their authenticator app to generate OTPs. To prevent this scenario, many authenticator apps offer optional features like device binding or biometric authentication to enable multi-factor authentication (MFA).

Authenticator App Pros and Cons

Using an authenticator app can significantly enhance security, but there can be challenges regarding device management and recovery processes.

Pros
  • Authenticator apps encourage end users to enable 2FA on the apps they use
  • Authenticator apps are widely supported by online services that provide 2FA
  • Many authenticator apps offer browser extensions for desktop users
Cons
  • Authenticator apps for mobile devices require the user to have the device in their possession each time they log into a paired service
  • Setting up an authenticator app can be challenging for users who are not tech-savvy
  • Users who don’t have a backup method in place can potentially be locked out of the accounts the app is paired with

The Bottom Line

Authenticator apps are a popular choice for 2FA and passwordless authentication.

Some cybersecurity experts argue that authenticator app definitions should be broadened to include portable USB security tokens that can generate OTPs.

Critics maintain that hardware tokens don’t provide the flexibility that authenticator apps do. For example, most authenticator apps are free and can store and manage OTPs for multiple accounts. In contrast, hardware security tokens need to be purchased, and the number of accounts that can be paired per token is often limited.


Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.