Secure your accounts with the best free authenticator apps
 
             
                    There are many forms of two-factor authentication (2FA) out there. You could get a one-time code sent to your phone. You might use your fingerprint. Some people buy a hardware key (a kind of USB stick). But one of the easiest and most secure ways to prove you’re you is authenticator apps. All you need to do is install a free app and connect it to your various accounts.
While the vast majority of authenticator apps perform the exact same functions, we found the best free authentication apps that strike a balance between excellent security, functionality, and device compatibility.
What is multi-factor authentication?
Two-factor authentication (2FA), or multi-factor authentication (MFA), is a multi-step security process for authenticating your identity in order to log into an online account.
This means that in addition to using your username and password, you need to provide an extra credential in order to verify your identity. This extra credential is generally a one-time code that is provided via an SMS, email, or authentication app; and only lasts for a short period of time.
Other forms of authentication can include the use of biometrics or a hardware key.
Why is multi-factor authentication important?
Multi-factor authentication provides a major security boost to any of your online accounts, especially if your password is compromised. Think of it like this: someone steals your keys and attempts to break into your house, only to find that they also need to enter a pass code at the door. Crisis averted!
Read more: How to choose a security question
How do authenticator apps work?
Authentication apps generate single-use pass codes on your phone that expire within seconds. They are a secure form of 2FA to prove it really is you logging in to an account.
When signing in to an account (say, email or Facebook), you’ll first enter your username and password, then you’ll be prompted to enter the authenticator code. You’ll have to open the authenticator app on your phone, which will display the code. Enter the code, and you’re in.
Once you've installed an authenticator app on your device, it takes about a minute to connect each of your services to the authenticator app. When logged in to an account, you’ll just have to choose an authenticator app as your 2FA method and follow the instructions.
Most major sites and services like Google, Facebook, and PayPal work with authenticator apps. You can check out the 2FA Directory for sites that support 2FA/MFA.
Are authenticator apps secure?
Yes, authenticator apps have a high level of security. Authenticator apps are considered a safer form of 2FA than codes sent by SMS. They tend not to rely on internet or mobile connections, which means there's nothing for an attacker to intercept. Instead, codes are generated directly on your device. Authenticator apps also don’t have access to your accounts—they simply generate codes.
How do authenticator apps work without an internet connection? Via a process called hashing.
Hashing is a form of encryption that uses an algorithm to generate a unique code. However, unlike encryption—which, by definition, can be decrypted—hashing cannot be reversed. In order for authentication to be successful, the unique code generated needs to be proven to be a result of the algorithm.
It might sound intimidating and a hassle to set up your accounts with authenticator apps as 2FA, but we’re here to tell you that it’s easy and worth it for the security. And it’s free!
Best free authenticator apps
Jump to…
- andOTP
- Twilio Authy
- Google Authenticator
- 2FA Authenticator
- FreeOTP
- Microsoft Authenticator
- Duo Mobile
andOTP
Available for: Android
One of the brighter stars on this list, andOTP is both easy to use and has tons of features including a tap-to-reveal feature to show one-time passwords, and a “panic button” that erases all tokens in case of emergency. andOTP also allows you to create encrypted exports of your account authentication data. Unfortunately, andOTP is only available for Android users.
Pros:
- “Panic button” function
- Login security that includes PIN, password, or fingerprint
- Hides codes from view
Cons:
- Only available on Android
Twilio Authy
Available for: Windows, macOS, Android, iOS, Linux
Unlike other entries on this list, Authy supports and syncs across a variety of platforms, making it a great choice if you favor the convenience of not having to constantly use your phone for authentication. Having said that, it is also the only entry on this list that requires a phone number in order to use it. Unfortunately, this can leave access to your account vulnerable to a SIM-swapping attack.
Pros:
- Supports a wide variety of platforms
- SMS, email, and phone authentication
- Free support
- Various third-party integrations
Cons:
- Only up to 100 authentications per month
- Phone number is required to create Authy account
Google Authenticator
Available for: Android, iOS
A basic, no-frills option, Google Authenticator was one of the first multi-factor authentication apps to hit the market. In comparison with the other apps on this list, it’s pretty bare-bones—but it does what’s advertised. Other than generating one-time passwords, it doesn’t do too much else. Also, given that there’s no app access protection, your accounts could be compromised if your device fell into the wrong hands.
Pros:
- Phone number not required
- Can be used without an account
- Easy-to-use interface
- Various third-party integrations
Cons:
- Does not hide codes from view
- No multi-device support
- No app access protection
- Not open source
2FA Authenticator
Available for: Android, iOS
Compatible with over 500 services, 2FA Authenticator generates time-based one-time passwords, push notifications, and cloud syncing for backing up your authentication tokens. While 2FA Authenticator provides the same functions as most other entries on this list, the developer, 2FAS, has a pretty neat tool on its website to check whether your one-time passwords are being correctly generated.
Pros:
- Simple and easy to use
- Various backup options (including cloud backups)
- Login security that includes PIN or facial recognition
Cons:
- Limited documentation
FreeOTP
Available for: Android, iOS
Aside from the fact that FreeOTP hasn’t been updated in a few years, it’s a pretty solid entry to this list. Granted, like Google Authenticator, it’s quite basic, but it takes up less storage space and is open source. Unfortunately, there aren’t any backup and syncing options.
Pros:
- Can be used without an account
- Open source
Cons:
- Hasn’t been updated in a while
- Backup and syncing capabilities non-existent
Microsoft Authenticator
Available for: Android, iOS
Microsoft Authenticator is a great choice if you regularly work with Microsoft Office or Office 365. Like most other entries on this list, the app generates time-based one-time passwords and an easy-to-use interface. Unfortunately, it is difficult to transfer your credentials if you use a secondary device with a different operating system—in other words, transferring or duplicating your details from an Android device to an iOS device.
Pros:
- Simple and easy to use
- Hides codes from view
- Login security that includes PIN or biometrics
Cons:
- Limited third-party integrations
- Difficult to backup
Duo Mobile
Available for: Android, iOS
Probably one of the more rudimentary entries on this list, Cisco’s Duo Mobile generates time-based one-time passwords and allows for cloud syncing and backup. However, not only is there no ability to sync across devices (similar to the issue with Microsoft Authenticator), there is no app access protection.
Pros:
- Simple and easy to use
- Hides codes from view
Cons:
- No app access protection
- Difficult to back up
Authenticator app alternatives
Text and email codes
This is an extremely common form of account authentication. The biggest flaw is that if your device or SIM card is stolen, cloned, or compromised, security texts can be easily intercepted. In addition, if you allow notifications to show up on your lock screen, security codes can also be easily stolen by people near your phone.
Biometrics
This can include voice recognition and retina scans. While this form of account authentication is unique and secure, the biggest issue is determining if you trust companies with your biological data.
Hardware keys
These are small USB keys that use your fingerprints for MFA across multiple accounts. The biggest issue with a hardware key is the possibility of loss. Further, it may be a hassle to carry it with you all the time and make account authentication difficult when you're out and about.
MFA layers: The more the better
While we love authentication apps as a form of multi-factor authentication, you should also explore several other MFA options in tandem to secure access to your accounts. While the alternatives may have some downsides if used by themselves, multiple layers of protection can only make your account security stronger.
We’d recommend adding MFA to any accounts that you’ve not already protected, including SMS notifications, push notifications, and purchasing a hardware key.
Read more: Why should I use two-factor authentication?
Take the first step to protect yourself online. Try ExpressVPN risk-free.
Get ExpressVPN 
     
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
         
         
        