The 2 Best Gaming Headsets of 2024 | Reviews by Wirecutter
Google Authenticator
Google Authenticator is a particularly popular smartphone application that can be used as a token for many two factor authentication (2FA) systems by generating a time-based one time password (referred to as TOTP). With Google Authenticator, the combination of your user name and password along with the single-use code generated by the application allows you to securely authenticate yourself in a way that would be difficult for an attacker to replicate.
That sounds great, but what if you don't have a smartphone? That's the situation that [Lady Ada] recently found herself in, and rather than going the easy route and buying a hardware 2FA token that's compatible with Google Authenticator, she decided to build one herself based on the ESP8266. With the hardware and source documented on her site, the makings of an open source Google Authenticator hardware token are available for anyone who's interested.
Generated codes can also be viewed via serial.For the hardware, all you need is the ESP8266 and a display. Naturally [Lady Ada] uses her own particular spin on both devices which you can purchase if you want to create an identical device, but the concept will work the same on the generic hardware you've probably already got in the parts bin. Software wise, the code is written in CircuitPython, a derivative of MicroPython, which aims to make microcontroller development easier. If you haven't tried MicroPython before, grab an ESP and give this a roll.
Conceptually, TOTP is relatively simple. You just need to know what time it is, and run an SHA1 hash. The time part is simple enough, as the ESP8266 can connect to the network and get the current time from NTP. The calculation of the TOTP is handled by the Python code once you've provided it with the "secret" pulled from the Google Authenticator application. It's worth noting here that this means your 2FA secrets will be held in clear-text on the ESP8266's flash, so try not to use this to secure any nuclear launch systems or anything, OK? Then again, if you ever lose it the beauty of 2-factor is you can invalidate the secret and generate a new one.
We've covered the ins and outs of 2FA applications before here at Hackaday if you'd like to know more about the concept, in addition to previous efforts to develop a hardware token for Google Authenticator.
Top 6 Google Authenticator Alternatives In 2024
Multifactor authentication (MFA) is one of the most effective ways to enhance security, and with the rise of apps, such as Google Authenticator, the authentication method has become easier to deploy.
However, whether due to privacy concerns, a lack of updates (especially when it comes to open-source options), or preference, many choose to avoid Google Authenticator.
Fortunately, there's no shortage of competitors on the market, each with distinct advantages. Here are some of the top Google Authenticator alternatives.
1 ESET PROTECT AdvancedEmployees per Company Size
Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+)
Any Company Size Any Company Size
Features
Advanced Threat Defense, Full Disk Encryption , Modern Endpoint Protection, Server Security
2 ManageEngine Log360Employees per Company Size
Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+)
Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise
Features
Activity Dashboard, Advanced Threat Analytics, Analytics/Reporting, and more
3 ManageEngine Desktop CentralEmployees per Company Size
Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+)
Any Company Size Any Company Size
Features
Activity Monitoring, Antivirus, Dashboard, and more
Top Google Authenticator alternatives: Comparison table Product name Pricing Key Features Microsoft Authenticator: Best for a "big-name" option Free Two-factor authentication (2FA)/MFA supportPasswordless sign-in
Push notifications
Twilio Authy: Best for backups and multiple devices 5 cents per successful verification plus standard fees per channel 2FA/MFA supportMultidevice sync
Soft token and backup
Time-based one-time password (TOTP)
Cisco Duo: Best for enterprises Free up to 10 usersEssentials: $3 per user, per monthAdvantage: $6 per user, per monthPremium: $9 per user, per month Risk-based authenticationSingle sign-on (SSO)
Passwordless authentication
Complete device visibility
Yubico Security Key: Best for a physical security key Yubico security keys are available in different models and configurations, each with varying prices. The pricing depends on factors like the model, connectivity―such as USB-A, USB-C, and near-field communication (NFC)―and features of the security key 2FA supportFIDO2 and U2F support
Multiprotocol support
Physical security
FreeOTP: Best for an open-source alternative Free 2FAOpen-source software
TOTP
Hash-based message authentication code (HMAC)-based, one-time password (HOTP)
Microsoft Authenticator: Best for a 'big-name' optionImage: Microsoft Authenticator
Available for both Android and iOS, Microsoft Authenticator offers a similar experience to Google's, working with both Microsoft and non-Microsoft accounts.
No passwords are required. Accounts are accessible using a PIN code, fingerprint, or face recognition. There's also the option to backup credentials to the cloud, but this requires a personal Microsoft account, with iOS users also needing to link to an iCloud account.
Recent notable improvements Microsoft has made include the ability to now display the name of the service, website, or application being accessed. This serves as an additional layer of security you can use to confirm the authenticity of an MFA request.
Why we chose Microsoft AuthenticatorAs a large established company, Microsoft can provide a robust level of support for users who have questions or issues with the product. It also can provide a consistent level of updates to provide new features and patch bugs with the software.
PricingImage: Twilio Authy
Although it isn't as big or widely known as Google or Microsoft, Twilio's Authy app is one of the most impressive and feature-rich Google Authenticator alternatives. Twilio takes pride in the fact that its app can be used anywhere Google Authenticator can be used, meaning that those making the switch won't hit any unexpected compatibility issues.
It offers its own distinct advantages with some major quality-of-life features that make it easier to securely access your data. The app is available on multiple platforms, including iOS, Android, and Chrome, with the ability to synchronize your 2FA tokens across them so they're always there when you need them. You're also able to view and edit your devices at any time and create securely encrypted backups in case any of them are ever lost or stolen.
Twilio provides regular updates for its Authy app, with the most recent improvement involving the delivery method of one-time passwords (OTPs). Beginning in February 2024, the company stated that OTPs would be sent via rich communication services (RCS), a more secure method than the default short messaging (SMS) channel, as it's able to utilize Wi-Fi and cellular.
Why we chose Twilio AuthyDepending on the MFA solution, users could be locked out of their accounts if they lose their phone or other device. Twilio, however, allows users to back up all 2FA tokens and restore them in the event that they lose their primary devices. Twilio also provides features to manage multiple devices, including the ability to sync and disable future installations for added security.
PricingImage: Cisco Duo
Some may find Cisco's name a somewhat surprising inclusion on this list as many associate them more with routers, internet phone systems, and other hardware. It is no slouch on the software side though, with Duo offering a very strong enterprise-level Google Authenticator alternative.
As part of its newest batch of updates, notable additions include a public preview for Verified Duo Push. This is a feature that provides a greater level of security by asking users for an additional verification code for push requests. Codes sent via SMS text message have also been streamlined as codes are now machine-readable to allow mobile browsers to complete authentication without additional user intervention.
This MFA product comes as part of a suite of software, which can also be used to set up and manage other useful information technology (IT) functionality, such as remote access and access control. This feature is targeted at commercial customers, however, and the pricing reflects that.
Although most alternatives to Google Authenticator are completely free but potentially relatively limited in terms of options, Duo can offer you a lot if you're willing to pay for it. The free option, which Cisco advises is aimed toward individuals and very small teams, is most comparable to what Google offers and will be enough for many, although it faces competition from the likes of Authy. If you want desktop access or many of the more specialized features Duo offers, or you have more than 10 users, you'll need to pay per user. Prices start at $3 per user, per month. That rises to $9 or potentially even higher depending on exactly which features you need.
Since Microsoft Authenticator is also an alternative we identified, you can learn more in our article comparing Cisco Duo vs Microsoft Authenticator.
Why we chose Cisco DuoImplementing MFA for enterprises and large businesses can be complex. However, Cisco is an excellent option to consider because of its Duo Policy Engine. This tool allows organizations to manage access across different users and levels of the company. Permissions and policies can also be customized based on user locations, remembered devices, device health, and more.
PricingImage: Yubico
This Google Authenticator alternative offers something different. Rather than relying on an app installed on a phone or desktop, Yubico provides a physical key that serves as an authenticator. This key, which comes in USB-A and USB-C versions, will work out of the box with all of the major websites you'd expect it to as well as common password managers and other software.
Usage is straightforward, the documentation is extensive and easy to understand, and the key itself feels very solid and durable. As well as the standard USB plug connectivity, tap-and-go authentication for mobile apps is included. Yubico does offer keys with even more features, such as the YubiKey Bio series, which integrates biometric security through the inclusion of a fingerprint sensor.
The YubiKey 5 series is the latest version of the product, which delivers additional options including the ability to opt for passwordless authentication, 2FA using a password with an authenticator as well as MFA via passwordless verification and a PIN. It also offers a wide range of phishing-resistant authentication protocols, such as FIDO2/WebAuthn and Personal Identity Verification Smart Card.
Pricing varies depending on the size of your organization and whether you're looking to buy the keys with an upfront payment or if you choose to subscribe. Subscribing can offer some savings to larger organizations, but individuals and smaller businesses who are confident they aren't going to lose their keys may prefer to pay once and be done with it.
Why we chose Yubico Security KeyYubico's physical security keys have authentication protocols that are phishing-resistant, a vulnerability present with SMS and some other methods of mobile MFA. Keys are easy to use and are supported by a wide range of online services and apps. Security keys can also be used to secure computers and even physical spaces.
PricingImage: FreeOTP
One complaint about Google Authenticator is that it's no longer open source, with the relevant repositories not updated for several years. This isn't an issue with FreeOTP, however, as it's completely open source.
Version 2 is the latest major release of FreeOTP. It introduced a new material design user interface, default branding for major services, and the ability to backup and restore tokens. Three minor updates have since been provided, eliminating various bugs and providing slight enhancements.
Available on both Android and iOS, this authentication app is relatively lightweight and minimalist, both in terms of user experience and features.
Why we chose FreeOTPAs open-source software, FreeOTP can provide users with faster updates and resolutions to things like bugs and vulnerabilities. It can also allow for a greater level of customization that is not possible with other private or proprietary software.
Pricing FeaturesYou may want to consider alternatives to Google Authenticator if you desire the ability to customize your method of MFA, need to manage multiple devices or users, prefer using a physical security key, or want to work with a company that has different support options. Although companies that offer an MFA solution can accomplish the same goal of providing greater protection against unauthorized access to accounts, differences exist for the level of security provided and functionality that can affect ease of implementation, use, and maintenance.
In selecting a product that is suited to your needs, consider what you can afford as well as the features and characteristics most important to you. Think about differences in what's offered for layers of authentication, backup and restore options, encryption protocols, customization, and support options, and tools to manage permissions for user groups.
For example, individuals or businesses particularly prone to phishing attacks may want the peace of mind that comes with a Yubico phishing-resistant security key. Similarly, companies with employees that need varying levels of permissions may want to look into Cisco's Duo Policy Engine.
Regardless of the option you choose, adding MFA provides a layer of protection that can protect you from having to deal with the ramifications of allowing unauthorized access to your accounts.
Read next: Authy vs Google Authenticator
MethodologyWhen making this list, we considered a range of factors to ensure that we would be bringing you the very best Google Authenticator alternatives. Some of the key areas where these apps and services had to stack up follow:
The Best Two-Factor Authentication App
It has optional, encrypted backups. With just a toggle and a password, Duo Mobile will back up all of your accounts protected with 2FA. So if you get a new phone, lose your old phone, or delete the Duo Mobile app, you can pick up right where you left off. And, unlike most other 2FA apps, Duo Mobile doesn't ask you to provide any personal information or create an account to securely back up your accounts. Your backup is stored in your iCloud for iPhones and Google Drive for Android devices, so Duo Mobile never has access to your backup or the means to decrypt it. It also can't restore your backup for you if you lose or forget your password, so be sure to write it down.
Comments
Post a Comment