Staying safe online is more important than ever. Using a password manager with separate passwords for every account is the most important step. However, we recommend going further and adding her second factor to your security settings. That’s where his two-factor authentication, or he’s 2FA for short, comes in. This method often relies on dedicated apps that automatically generate one-time codes to use during the login process.
This is a collection of the best applications available for Android smartphones.
What is 2FA?
2FA stands for two-factor authentication. His second factor is added next to your password to the process of signing into your account from your new device. This ensures that even if your password is leaked, a malicious person cannot easily break into your account.
In most cases, 2FA works in conjunction with a one-time password (OTP), a code generated by an additional app on your phone, or a message sent via text. However, the latter solution should be avoided as much as possible. His text-based two-factor authentication is better than nothing, but easier for hackers and bad guys to break than relying on apps.
As a second factor, you also have the option of choosing a physical hardware key like Google Titan.
That means something you know (your password) plus something you have (a phone with an app installed that generates a one-time code, a SIM card that receives SMS messages, or a security hardware key that is plugged in). Is required. ) on your device to access your account.
How do I set up 2FA on my account?
Most popular services support two-factor authentication, and some require two-factor authentication from the start.Crowdsourcing allows him to see services that support 2FA 2FA Directory. When searching for an account, document Click the search result shortcut to see detailed instructions for activating the OTP code for the service you want to use.
All 2FA options rely on one-time passwords generated via secret hashing. Usually embedded in QR codes that you scan from your computer screen with a 2FA app, it’s basically a string of letters and numbers that determine how the code is generated. This is stored in the 2FA app and used to create new codes for the service to check.
Standalone 2FA app
authoritative
Authy is the simplest and most straightforward option for most people. This is a cloud-based manager that automatically stores secure backups of your 2FA codes. This will prevent you from losing access to your codes if your phone is stolen or damaged. However, security is still at the core of this service.
To access the 2FA code on your new phone, confirm your action using the SMS one-time code and password. Write this password down somewhere or remember it. If you plan to set up 2FA via Authy, don’t add it to your password manager.You can lock yourself out of password managers When If you don’t know the password, please access the 2FA app at the same time.
Using Authy is easy. View your accounts in a grid or list,[コピー]You can add one-time codes to your clipboard using the button. It might look a bit old-fashioned and you might not like having to tap accounts to reveal OTPs one at a time, but a robust cloud storage solution makes up for these issues. I’m here.
Authy is free to use. The company behind it, his Twilio, monetizes enterprise customers by offering his own 2FA backend solution. So rest assured that Twilio will do everything possible to provide a secure system. After all, its business model is based on the premise of enhancing security through his 2FA service offerings for enterprises. Therefore, we do everything possible to make the process as safe as possible.
The only downside to Authy is that you can’t recover the secret code used to set up your account’s one-time password generator. If you switch to another 2FA manager for her, you’ll have to set up a new OTP, which is annoying. To avoid this, store secrets elsewhere when adding new accounts to Authy. For this reason, we recommend the combination of Authy and Aegis.
Authy is cloud-based and the only 2FA app on this list that works on nearly every platform. Besides Android, it’s also available for iOS, macOS, Windows, and Linux. Official website.
Aegis
If you don’t want to rely on a closed source solution like Authy, you might be interested in open source options instead. It is the sound of Aegis striking. It’s an open source client that follows a more traditional 2FA interface, in the spirit of Google Authenticator, and lists all OTPs. Aegis focuses on security and recommends locking the app with a password or biometrics. This allows you to encrypt your code at rest using strong algorithms.
In terms of optics, the app complies with the system’s dark or light settings, and you can add app icons using that icon pack Or your own symbol. This is a bit more complicated than the database-embedded solution, but you always have to make some tradeoffs.
Aegis supports backups, but the process is more complicated than Authy’s. By default, Aegis only stores backups locally on your phone, so when adding a new account, don’t forget to upload the code to a cloud storage provider like Google Drive or your computer.
Another advantage of Aegis is that it gives you access to secret codes and supports export and import to/from other OTP managers. So if you want to try it out or find a better solution, you are not bound.
Being open source, Aegis is available free of charge. with Google Play F-droid, but only available as an Android app. No other platforms are supported.
Google Authenticator
If you don’t want to backup or sync your 2FA code due to concerns about potential compromise, Google Authenticator might be of interest. Yes, it is. Google was the first to create an app that works offline. Data cannot be backed up using the app. Instead, you can only transfer codes from one phone to another.
Like Aegis, it shows all your accounts in an easily accessible list and only runs locally on your Android phone.
If you switch phones, you can move your credentials via a QR code generated in the app settings. Google Authenticator will automatically switch from dark to light mode based on your system theme. However, there is no option to add icons, so depending on how many services use 2FA, it can be difficult to tell them apart.
Password manager with integrated 2FA features
Don’t store your 2FA credentials in the same place as your password. This eliminates the second element. part of the equation. However, as long as you take every step to secure your password manager, it’s nice to have all your credentials in one place. A setup like this might even encourage more accounts to set up 2FA for her, and even when used this way, 2FA is more secure than relying on a password. After all, passwords can be leaked from sources other than password managers. However, once you set up 2FA, this doesn’t help hackers much.
Still, when going this route, we recommend using one of the standalone 2FA apps above for important accounts. You need a secondary app for your password manager. You can also protect your Google accounts and other places that store sensitive data outside of your password manager.
Bit Warden
Bitwarden is a great open source choice for password managers, and it does a good job of handling 2FA codes. Secrets can be stored with passwords and exported for use with another service.
Once everything is set up, Bitwarden can be used to autofill passwords just like a regular password manager. The currently active one-time code is automatically added to your clipboard so you can paste it when you reach the relevant stage of the login process.
The OTP is displayed next to your password and account name.
To use the 2FA aspect of Bitwarden, you have to pay $10/year for Bitwarden Premium. This is more affordable than other comparable options. Bitwarden is available everywhere you can imagine and offers extensions for all popular browsers. There are applications for macOS, Windows, and Linux, and Bitwarden comes as both Android and iOS apps.
Microsoft Authenticator
Microsoft Authenticator started as a simple 2FA app, but in 2020 it turned into a full-fledged password manager that syncs with Microsoft Edge when you log in with your Microsoft account. That makes it a great choice for Windows users and those stuck in the Microsoft ecosystem.
You can use Authenticator as a standalone 2FA app without adding a password. And if you don’t want or need cloud backup, you don’t need to log in with your Microsoft account.
Microsoft Authenticator is free. Available for Android and iOS, integrated in Microsoft Edge, in Chrome Microsoft Autofill expansion.
last pass
Most password managers approach 2FA like Bitwarden, but LastPass is a little different. LastPass offers a secondary 2FA app to use in conjunction with your main password manager. The advantage is that you can store your LastPass 2FA credentials in your own His 2FA app and support cloud backups. When you log into one of your OTP-protected accounts, you’ll receive a push notification on your smartphone to seamlessly verify your identity.
Please note that LastPass is a paid app starting in 2021. To enjoy the service with working capacity as a single user, you have to pay $36 per year. LastPass is available for Android, iOS, Windows, macOS, Linux, and as a browser extension.
Stay safe with 2FA and a password manager
This is just a fraction of the 2FA apps out there, but we found these to be the most secure solutions that are either very affordable or free. The best password managers have built-in support for 2FA codes. and many more solutions. This is an overview of the simplest and a showcase of some of the more interesting options.
Post a Comment
Post a Comment