In this guide we will show you the best apps to generate OTP codes for two-factor authentication, and explain how to add the various accounts to be protected to the app. At the end of the guide, we will be able to get our OTP codes without having to wait for an SMS, quickly and securely, using an app uniquely associated with our mobile device.
Enable two-factor authentication
Before we can use OTP codes, we have to activate two-factor authentication on the site we want to protect with them. Among the most famous sites that accept app-generated OTP codes for secure access are Amazon, LastPass, Microsoft, Google, and Facebook, but there are hundreds of other sites that support this type of authentication. The steps to follow are very similar for each of them: we sign in with the relevant account and open the security page, we enable two-factor authentication, and we choose to use an app-generated code (also called App code, Token code, Authenticator App or Authentication app); at this point we will be offered a QR Code or a secret code, to be entered in one of the apps that we will show you later in the article.
This code, provided during the initial configuration phase, is essential for the OTP codes to work correctly: the information contained in the QR Code or the secret code allows the app to generate a different password every few seconds, even without an Internet connection. Once the app is configured, we can access our account every time by simply entering the code displayed at that moment (before the associated timer "expires"). To complete the configuration, just enter the OTP code generated by the app right away, so as to confirm to the site that the configuration is correct.
TECHNICAL NOTE: how do the site and the app communicate and know that the code is always correct, even without an Internet connection? The explanation is quite simple: the QR Code or secret code "trains" the app to generate specific pseudo-random codes, based on the algorithm set up for us by the service. Since the algorithm on the site (associated only with our account) and the one in the app are identical, the OTP code generated on both sides will always be the same, so the site always knows which code to "expect" at that precise moment.
This authentication method is very secure and difficult for hackers or any other attacker to break, since to violate it they would need to get their hands on the encrypted algorithm stored in the app. The apps themselves offer very simple additional security measures, such as unlocking with a fingerprint: whenever an OTP code is required, simply open the app, use the fingerprint and retrieve the OTP code for the specific site we are accessing. In addition to the fingerprint, we can also set a PIN or password, so as to make unauthorized access to the site even more difficult.
In case the phone or the app is lost, let's make sure to always activate an alternative two-factor authentication method (SMS, notification on the phone, call, etc.); otherwise we risk being locked out of the account forever (since the site will ask for an OTP code that we will no longer be able to generate).
If we want to go deeper into two-factor authentication, we refer you to our dedicated guide -> Sites/apps where to activate two-step password verification.
App to generate OTP
After seeing how to configure two-factor authentication, we will show you the apps we can use to generate OTP codes. We remind you that these apps are suitable for all services that accept authentication via OTP: even if they seem specific to one service, in reality they allow you to manage all the sites that support this type of authentication.
One of the best apps to generate OTP is definitely LastPass Authenticator, available for free for Android and iOS.
With this app, we can quickly scan QR codes or enter secret codes to add compatible services, including of course LastPass.
Once all the services have been added, we will have the numeric codes available on the same page, with a well-displayed timer on the side of each site on which we have associated this type of authentication. To increase the security level of these codes, we can use a PIN, fingerprint or FaceID to quickly unlock the app.
This app works even if we have no account or password saved on LastPass, a famous service to securely store login passwords for our sites online, as seen in the dedicated article -> Store passwords and logins to websites safely and securely.
Another app we can use for authentication via OTP code is Microsoft Authenticator, available for free for Android and iOS.
This app allows you to immediately associate all the services that work with OTP codes, clearly and unambiguously showing the code currently generated for a particular service. In this case too, we can use fingerprints, Face ID or a simple PIN to protect access to the codes for our accounts. Definitely worth trying as an alternative to the solution offered by LastPass (which I recommend trying anyway).
The Google app is one of the best to generate temporary OTP codes to use when two-factor authentication is enabled.
For this app, I have dedicated a separate guide on how to use Google Authenticator to secure web accounts.
The last app that I recommend you try for authentication via OTP is Authy, also available free for Android and iOS.
With a clear and simple-to-use interface, this app allows you to quickly associate the QR codes and secret codes of various services compatible with OTP authentication, with the ability to also copy the generated OTP to the smartphone clipboard, so as to use it to access the apps of services on which we have activated authentication.
As with the other apps, it offers the possibility of protecting access to the codes with a PIN, fingerprint or Face ID, so as to keep intruders away.