Other than changing your password every 6 months, Two-factor authentication (2FA) is the best way to protect yourself online, including apps on iPhone and Android. With 2FA, you can defeat cyber criminals & avoid account takeovers with stronger security, for free! Enter your username and confirm your sign-in with your phone. It’s that easy! via time based one time passwords (TOTP), you can secure all your online accounts. Simply enable two factor authentication (TFA) on all your accounts.
Continue ➤ 7 Free And The Best Password Manager For Windows 10, Mac, Android And iPhone
Why use Two-Factor Authentication? Relying on just usernames and passwords to secure your online accounts is no longer considered safe. Data breaches occur daily and hackers are always inventing new ways to take over your accounts. Protect yourself by enabling two-factor authentication (2FA). This blocks anyone using your stolen data by verifying your identity through your device.
1. Tofu Authenticator
An easy-to-use open-source two-factor authentication app designed specifically for iOS. Tofu generates one-time passwords to help you protect your online accounts. These passwords are used together with your normal password when you sign into services like Google, Facebook, Dropbox, Amazon, and GitHub.
Tofu works with all services that provide two-factor authentication using the HOTP and TOTP algorithms. It does not require a network or cellular connection and can be used in airplane mode.
- Scanning: Scan the QR code your issuer provides to automatically add your account.
- Search: Search your accounts by name to quickly find the one you’re looking for.
- Compatibility: Support for both counter-based and time-based one-time passwords with 6 or 8 digits using the SHA1, SHA256, and SHA512 algorithms.
- Offline: Requires no network or cellular connection and can be used in airplane mode.
- Security: All your account details are safely stored in the iOS keychain.
2. Bitwarden Authenticator
New from Bitwarden, provider of the password manager trusted by millions, Bitwarden Authenticator generates verification codes for two-factor authentication, ensuring your identity is verified when you log into accounts. Using industry-standards, Bitwarden Authenticator supports any website or application that uses TOTP.
3. Aegis Authenticator
Aegis Authenticator is a free, secure and open source app for Android to manage your 2-step verification tokens for your online services. Aegis supports the HOTP and TOTP algorithms. These two algorithms are industry-standard and widely supported, making Aegis compatible with thousands of services. Any web service that supports Google Authenticator will also work with Aegis Authenticator.
4. Authy
Authy is a simple way to manage two-factor authentication accounts. Authy supports Gmail, Dropbox, Amazon, PayPal, Instagram, Twitter, LastPass and thousands of other sites. Go beyond the password and protect yourself from hackers and account takeovers.
- Secure Cloud Backups – Did you lose your device and got locked out of all of your accounts? Authy provides secure cloud encrypted backups so you will never lose access to your tokens again. They use the same algorithm banks and the NSA use to protect their information.
- Multi Device Synchronization – Are you re-scanning all your QR codes just to add them to your tablet and smartphone? With authy you can simply add devices to your account and all of your 2fa tokens will automatically synchronize.
- Offline – Still waiting for an SMS to arrive? Do you travel constantly and lose access to your accounts? Authy generates secure tokens offline from the safety of your device, this way you can authenticate securely even when in airplane mode.
- Protect your bitcoins – Authy is the preferred two factor authentication solution to protect your bitcoin wallet. They are the default 2fa provider for trusted companies like Coinbase, CEX.IO, BitGo and many others.
5. FreeOTP
FreeOTP adds a second layer of security for your online accounts. This works by generating one-time passwords on your mobile devices which can be used in conjunction with your normal password to make your login nearly impossible to hack. These passwords can be generated even when your phone is in airplane mode.
FreeOTP works with many of the great online services you already use, including Google, Facebook, Evernote, GitHub and many more! FreeOTP also may work for your private corporate security if they implement the standardized TOTP or HOTP protocols. This includes great enterprise solutions like FreeIPA.
6. andOTP
andOTP implements Time-based One-time Passwords (TOTP) like specified in RFC 6238 (HOTP support is currently in beta testing). Simply scan the QR code and login with the generated 6-digit code. To keep your account information as secure as possible andOTP only stores it in encrypted data files. There are two methods of encryption which can be used: the Android KeyStore or a Password / PIN.
- Encrypted storage with two backends – Android KeyStore (can cause problems, please only use if you absolutely have to) and Password / PIN
- Multiple backup options via Plain-text, Password-protected and OpenPGP-encrypted
7. Google Authenticator
Google Authenticator works with 2-Step Verification for your Google Account to provide an additional layer of security when signing in. With 2-Step Verification, signing into your account will require both your password and a verification code you can generate with this app. Once configured, you can get verification codes without the need of a network or cellular connection.
- Automatic setup via QR code
- Support for multiple accounts
- Support for time-based and counter-based code generation
8. WinAuth
WinAuth is a portable, open-source Authenticator for Windows that provides counter or time-based RFC 6238 authenticators and common implementations, such as the Google Authenticator.
WinAuth can be used with many Bitcoin trading websites as well as games, supporting Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm, Diablo), Fortnite, Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape, SWTOR and Steam.
9. LastPass Authenticator
LastPass Authenticator offers a unique one-tap password verification experience that no other authenticator app delivers. Once you pair LastPass Authenticator with the site of your choice, you’ll enjoy one-tap login for secure and instant access. Safeguard your LastPass account by requiring two-factor authentication codes when signing in.
Two-factor authentication improves your digital security by protecting your account with an additional login step. Even if your password is compromised, your account can’t be accessed without the two-factor authentication code.
- Add more security – Worried about phishing attacks or malware? Two-factor authentication keeps hackers locked out.
- Enjoy a better experience – User-friendly, secure verification with one-tap login to top sites, including Google, Facebook, Amazon, and more.
- You choose how to login – The app supports 6-digit generated passcodes, SMS codes and automated push notifications for one-tap login.
- The only Authenticator app you need – Enable push-based notifications for commonly-accessed sites, and auto-generated passcodes for others so you only need one app.
10. Microsoft Authenticator
Sign in is easy, convenient, and secure when you use Microsoft Authenticator. Use your phone, not your password, to log into your Microsoft account. You simply have to enter your username, then approve the notification sent to your phone. Your fingerprint, face ID, or PIN will provide a second layer of security in this two step verification process. After, you’ll have access to all your Microsoft products and services, such as Outlook, OneDrive, Office, and more.
- More secure – Passwords can be forgotten, stolen, or compromised. With Authenticator, your phone provides an extra layer of security on top of your PIN or fingerprint.
- Get to your apps faster – Use Authenticator to sign-in to Outlook, OneDrive, Office, and more.
- Add multiple accounts – Protect all of your accounts with two-step verification. The app also helps you secure all of your online accounts by using the industry standard time-based OTP (one-time password) codes.
11. OTP Auth
This app is used to calculate one time passwords required to log into your accounts after you enabled two factor authentication. It works with many popular services like Google Mail, Amazon, GitHub, Dropbox and many more.
All data stored by OTP Auth is stored using strong AES-256 encryption. This applies for all data. In particular, for both locally stored data as well as data stored in the iCloud Drive (when iCloud Sync is enabled). The password for those files never leaves your device such that no one but you can read your data.
- Export – Export single accounts or make a backup of all accounts. Whatever you do, your accounts are encrypted using AES-256.
- iCloud Sync – Enable iCloud Sync and all your devices will have the same set of accounts. Always.
- Face ID and Touch ID – To secure your accounts from unauthorized access, OTP Auth can be secured using Face ID, Touch ID or a password (if your device does not support Face ID or Touch ID).
12. Authenticator
Authenticator is a simple, free, and open source two-factor authentication app. It helps keep your online accounts secure by generating unique one-time passwords, which you use in combination with your other passwords to log into supporting websites. The simple combination of the password in your head and the rotating passwords generated by the app make it much harder for anyone but you to access your accounts.
13. Obsidian – OTP Authenticator
Obsidian keeps all your OTP tokens in a safe place wrapped in an elegant UI. All the data is stored in your Apple Keychain and not accessible anywhere else. You can also sync your tokens on your iPhone, iPad and Mac via iCloud. Keep all your HOTP and TOPT tokens in one place. Synchronized on all your iOS devices via iCloud. Nothing flies to third party servers.