The 8 best 2FA apps on Android - Android Police

The 8 best 2FA apps on Android - Android Police

The 8 best 2FA apps on Android - Android Police

Posted: 20 Feb 2021 12:00 AM PST

This story was originally published and last updated

Article Contents

Your online accounts are much safer when you rely on more than only a password, and that's where two-factor authentication (2FA) apps come in. You can use them to create an extra layer of security for your accounts, requiring you to enter a one-time password (OTP) in addition to your regular credentials when you log in. That prevents hackers from accessing your account with a stolen password only.

Some services offer to send you OTPs via SMS, but you should always opt for proper 2FA apps if you can. Text messages aren't encrypted and phone numbers can be spoofed, so an elaborate hacker has no trouble getting past these measures. Luckily, there are quite a few great 2FA apps to choose from.

Standalone 2FA apps

andOTP

It's generally a good idea to rely on open-source tools for security — the code is transparent and openly available, so security audits are easy to conduct. That's why our first recommendation and my personal 2FA manager of choice is andOTP, a fork of the long-inactive OTP Authenticator app. The open-source app might not be the prettiest, but it gets the job done very well. You can optionally encrypt your data at rest, and its local backups can be secured via a password. Since andOTP doesn't offer cloud syncing, you can rest assured that your OTPs will never be stored on unknown, potentially insecure servers without your explicit permission. andOTP also saves the secret code you need to use to set up your OTPs, so you can easily switch to another OTP manager if you ever want to without having to go through the setup process for all of your accounts again.

You can download andOTP from the Play Store or F-Droid.

andOTP - Android OTP Authenticator
andOTP - Android OTP Authenticator
Price: Free

Aegis

Aegis is another open-source client that is mostly identical to AndOTP on the surface, showing your OTPs in a list and supporting local backups. But it places an even higher emphasis on security and highly encourages you to lock the app with a password or biometrics, which allows your codes to be encrypted at rest using AES-256-GCM. Regarding optics, the app adheres to your system dark or light preference, and you can add app icons by yourself using its icon pack or your own symbols (which is a little more complicated than other solutions that automatically add icons).

Aegis also lets you access secret codes and supports exporting and importing from and to other OTP managers, so you're not locked in if you just want to give it a try. You can download it from the Play Store or F-Droid.

Aegis Authenticator - Two Factor (2FA) app
Aegis Authenticator - Two Factor (2FA) app
Price: Free

Authy

If you don't value the open-source aspect that much and prefer a 2FA app that automatically and securely syncs over the cloud, Authy might be the service of your choice. Its cloud backup is secured by a password and an SMS-based 2FA system, allowing you to seamlessly sync your OTP codes across multiple devices. The service also offers desktop apps that sync with your online vault.

Authy is free for individuals; it earns its money with enterprise customers. That's why you can rest assured that it does everything humanly possible to protect your data as it can't afford to lose its paying customers due to breaches.

Unfortunately, Authy doesn't let you recover the secret codes used to set up OTPs, so if you ever want to switch to another manager, you'll have to set up all of your OTPs via your accounts anew again or save them somewhere else whenever you add some to Authy.

Twilio Authy 2-Factor Authentication
Twilio Authy 2-Factor Authentication
Price: Free

Google Authenticator

If you don't want to backup or sync your 2FA codes at all for security reasons, the Google Authenticator might be interesting for you. It supports the usual features and runs locally on your Android phone. If you switch phones, you can move your credentials via a QR code you can generate in the app settings. Google Authenticator automatically based on your system theme, but it doesn't have the option to add icons, so depending on how many services you protect, it might get pretty hard to tell them apart.

Google Authenticator
Google Authenticator
Price: Free

Password managers with integrated 2FA functionality

It's generally not recommended to store 2FA credentials in the same place as your password as that effectively eliminates the second factor part of the equation. But as long as you take all imaginable measures to secure your password manager, having all of your credentials in one place is convenient and might encourage you to set up 2FA for more of your accounts, which is inherently more secure than just relying on one factor. You might still want to use a standalone 2FA app for your most important accounts when you go this route.

Here are our favorite solutions for password managers with 2FA support:

Microsoft Authenticator

Microsoft Authenticator started out as a 2FA app, but the company recently turned it into a full-fledged password manager that syncs with Microsoft Edge when you log in with your Microsoft account. You can still use the Authenticator as a standalone 2FA app by simply not adding passwords if you prefer that. You also don't have to log in with your Microsoft account if you don't want or need cloud backups.

Microsoft Authenticator
Microsoft Authenticator
Price: Free

MYKI

MYKI probably isn't the best-known password manager out there, but it has some unique tricks up its sleeve. Your data doesn't ever leave the devices you own, but your passwords and 2FA codes still sync via its peer-to-peer setup that doesn't require too much manual work on your part. That's great if you're concerned about server security without wanting to lose the convenience of cross-device syncing. Our own Rita wrote an extensive review a few years back, and it's still to the point.

MYKI: Offline Password Manager & Authenticator
MYKI: Offline Password Manager & Authenticator
Price: Free+

Bitwarden

OTPs are displayed alongside your password and account name.

If you'd rather rely on cloud-based software, Bitwarden is a great open-source choice. To use it for 2FA codes, you need to pay for the $10/year premium version, which is incredibly fair compared to other password managers. Once you've got everything set up, you can use Bitwarden to autofill passwords. OTP codes will then be added to your clipboard automatically, so you can just paste them.

Bitwarden Password Manager
Bitwarden Password Manager
Price: Free

LastPass

LastPass's approach is a little different from other password managers with integrated OTP support. The security company offers a secondary 2FA app that you need to use in tandem with the main password manager application. When you log in to one of your OTP-protected accounts, you'll receive a push notification on your phone, allowing you to seamlessly verify your identity. You can also back up your OTPs to your LastPass account.

Keep in mind that LastPass is changing how its free tier works on March 16, 2021, so it's only really a viable option if you're ready to pay $3 a month for the Premium version.

LastPass Password Manager
LastPass Password Manager
Price: Free+
LastPass Authenticator
LastPass Authenticator
Price: Free

Of course, this is only a small selection of 2FA apps out there, but we found these to be the most secure solutions that are either very affordable or free. Most password managers have built-in support for 2FA codes, but as we said, it's always a good idea to keep 2FA and passwords separate.

You can find out which of your services support 2FA on the crowdsourced twofactorauth.org website. Tap the "Docs" shortcut in the results to see detailed instructions on how to enable OTP codes for the service in question.

Microsoft, AMD bet big on confidential Cloud computing - ETTelecom.com

Posted: 15 Mar 2021 11:21 PM PDT

Microsoft, AMD bet big on confidential Cloud computingSan Francisco: Microsoft has announced to extend its confidential computing options available to Azure Cloud customers in partnership with chip-maker AMD.

The company said it will be the first major cloud provider to offer confidential virtual machines on the new AMD 'EPYC 7003' series processors.

With the third-gen AMD EPYC CPU-backed confidential computing virtual machines (VMs), Azure confidential computing now enables customers to encrypt entire VMs confidentially, enable confidentiality without recompiling code, and benefit from a host of Azure-specific enhancements.

"Today you can deliver confidential workloads on Azure with the broadest choice of hardware as well as resources spanning virtual machines, containers, SQL, and beyond," the company said in a statement on Monday.

As a founding member of the Confidential Computing Consortium, Microsoft is also an innovator in confidential computing which extends those protections to data running on the processor itself.

"For more than three years, financial services, governments, health care providers, and even messaging companies have been using Azure confidential computing to unlock new scenarios like multi-party machine learning and move their more sensitive applications to the cloud," said Mark Russinovich CTO and Technical Fellow, Microsoft Azure.

The AMD EPYC-CPU powered Azure VMs are fully encrypted at runtime, fulfilling the promise of confidential computing by protecting your data even when it is in use.

"The encryption keys used for VM encryption are generated, and safeguarded, by a dedicated secure processor on the EPYC CPU. This helps ensure that no one, even cloud administrators -- and by extension the workloads, apps, or data in the VMs -- have access to these encryption keys," the company said.
-

Comments

Post a Comment

Popular Posts

6 Anti-forensic techniques that every cyber investigator dreads | EC-Council Official Blog - EC-Council Blog

Image
6 Anti-forensic techniques that every cyber investigator dreads | EC-Council Official Blog - EC-Council Blog 6 Anti-forensic techniques that every cyber investigator dreads | EC-Council Official Blog - EC-Council Blog 5 best TrueCrypt alternatives | Encrypt your computer with these apps - proprivacy.com The Best Way to Encrypt Email in Outlook - Security Boulevard 6 Anti-forensic techniques that every cyber investigator dreads | EC-Council Official Blog - EC-Council Blog Posted: 23 Nov 2019 12:00 AM PST Anti-forensic techniques can make a computer investigator's life difficult. From committing fraud in an organization to stealing crucial data, cybercriminals can perform a wide range of nefarious activities. In some cases, these perpetrators try to cover their tracks by deleting browser history, cache memory, and even cookies. But with an upward trend , it is now much convenient for cyber attackers to use already progr...
Read more

How to Encrypt Your iPhone or iPad Backup - MUO - MakeUseOf

Image
How to Encrypt Your iPhone or iPad Backup - MUO - MakeUseOf How to Encrypt Your iPhone or iPad Backup - MUO - MakeUseOf Physical and Digital Safety: Arrest and detention - CPJ Press Freedom Online Mobile Encryption Market – Key Players, Size, Trends, Growth Opportunities, Analysis and Forecast To 2027 – The Courier - The Courier Fleeing WhatsApp for Better Privacy? Don't Turn to Telegram - WIRED How to Encrypt Your iPhone or iPad Backup - MUO - MakeUseOf Posted: 23 Feb 2021 12:00 PM PST [unable to retrieve full-text content] How to Encrypt Your iPhone or iPad Backup    MUO - MakeUseOf Physical and Digital Safety: Arrest and detention - CPJ Press Freedom Online Posted: 24 Feb 2021 06:14 AM PST Share this: Covering certain stories–such as human rights abuses, corruption, or civil unrest–can place you at a higher risk of arrest and detention, particularly...
Read more

A Look At Blockchain Smartphones Available Now - I4U News

Image
A Look At Blockchain Smartphones Available Now - I4U News A Look At Blockchain Smartphones Available Now - I4U News Posted: 09 Oct 2019 06:19 AM PDT There is probably no one in the world who has not heard of cryptocurrencies. In the past few years, the general public's awareness of the likes of Bitcoin and Ethereum has skyrocketed. This has happened to such a degree that there are literally millions of us using Bitcoin wallets offered by Luno and other well established names in the industry. On the other hand, blockchain is not necessarily that well known and its capabilities maybe a little less. So although we know that blockchain is the basis of cryptocurrencies, many of us know little more than that. Anyways, this technology is extremely adaptable and is being applied to many industries/sectors from health to disaster recovery. So that it will come as no surprise that blockchain is shifting its attention to mobile. This has resul...
Read more