Are you tired of demands for change? Password Mandatory? Are you having difficulty keeping track? passwordsWell, Microsoft agrees that the trend is changing. Password Mandatory is outdated, and it suggests it should be phased out. Fortunately, there is two-factor authentication or 2FA applications Apps like Google Authenticator, Authy, and Microsoft Authenticator are coming to the rescue.
Surprisingly, many people continue to make choices. Password Poor, especially when using the feature 2FA Which you think is not secure. When using a 2FA app to scan barcodes, always write down backup codes in a safe place, preferably offline. Taking a screenshot of the QR code and storing it in an encrypted vault also works, although it's less secure because it's still available online.
Now, let's see how Authy compares to Microsoft Authenticator and which 2FA app you should use.
1. Create an account
When you first open Authy, the app will ask you to create an account using your mobile phone number. This means your phone must have an active SIM card. In case you weren't aware, SIM swapping is a common phishing technique where a hacker issues a new SIM card with your number and then uses it to generate an OTP (One password). Authy has a solution to this, which we'll discuss in the security section below.
Authy uses a colorful layout that makes it easy to find your 2FA codes because each entry uses the logo of the respective service. Google Authenticator never syncs them, making it difficult to find your 2FA code in a sea of text and numbers.
Microsoft Authenticator uses a similar layout where logos are synced, making it easier to find 2FA codes for the services in question.
Unlike Authy, you can use it without having to create an account. However, you can use it with your Microsoft account, but this is optional.
to survey QR codes Both apps are quick and easy to use. Simply tap the "+" icon and point your rear camera at the QR code.
2. Take backups
Authy allows users to backup their codes if they lose their smartphone. These backups are encrypted on your device and then stored in the cloud on Authy's Twilio-owned servers. These backups can then be restored to another mobile device using the same phone number and an active SIM card.
However, you will need to enter password Back up your synced decryption keys. This way, a hacker might gain access to your number using a SIM swap, but you'll still have a backup password. Therefore, it's very important that you keep your backup password in a safe place, preferably offline, and never share it with anyone.
Microsoft Authenticator works similarly. Currently, the ability to backup 2FA codes is only available for iOS users. Microsoft hasn't announced anything for Android yet, but I'm optimistic. You'll need a Microsoft account to backup your 2FA codes.
To get started, go to Settings on your iPhone and tap iCloud Backup. The interface will ask you to enter your Microsoft account details. Backups are encrypted and stored in iCloud, and your Microsoft account is used for verification. You must also use 2FA for your Microsoft account.
So, how do I sign in to my Microsoft account? That's why you should always write down your one-time offline backup codes when scanning QR codes on all websites. I keep a notebook and Sakura pens that are waterproof, fade-resistant, and chemical-resistant. Yes, I'm paranoid when it comes to security, which brings us to the next point.
3. Security
Previously, we discussed how using a mobile number to register an Authy account can be risky. To address this issue, Authy implemented an option called "Allow multi-device." You can only install Authy on a second or third device when this option is enabled. Therefore, be sure to disable this option after you've finished setting up your accounts and scanning QR codes.
Even if a hacker uses the SIM swap trick, they won't be able to install Authy on their device because it's not allowed. You can see a list of registered devices on the same screen.
With Microsoft Authenticator, there's no need to use a SIM card, and if you choose to use your Microsoft account, your backups are stored in iCloud instead. This means a hacker would need access to both of these accounts before they can steal your 2FA codes. Make sure your Apple account is secure, too.
Both Authy and Microsoft Authenticator allow you to secure apps with a 4-digit PIN and a fingerprint scanner. 2FA codes never leave your device unless you want them to, and they're encrypted on your device before they load.
4. Other features
Microsoft Authenticator also works with Microsoft's enterprise solution. So, you can now use the app to receive one-click push notifications to approve your sign-in—no need to enter a code. The one-click push notification also works for personal accounts.
Both 2FA apps can generate codes offline and without access to an internet connection after the codes have been scanned and saved on the device.
5. Pricing and Platforms
Authy and Microsoft Authenticator are free and ad-free. Authy supports Android, iOS, Windows, macOS, and Chrome browsers. Microsoft Authenticator supports both mobile platforms and Windows 10 but leaves macOS and browsers out of the mix.
Two-way partnership
Authy has a better user interface and supports more platforms, but Microsoft Authenticator covers the most important ones anyway. If you're a Microsoft user or an employee with administrator access, Microsoft Authenticator makes more sense for you.
Take care Backups Authy is also available on Android, which is a plus for Android smartphone users. A user might accidentally forget to toggle the multi-device option, and then it would be easy for a hacker to steal tokens from Authy. While this isn't entirely Authy's fault, it still poses a risk. Microsoft Authenticator removes this from the list. The equation.
