Yes, two-factor authentication is a critical layer of security added to your online accounts, but you’re still vulnerable to hackers if you receive codes via text message. A better way to manage these quick codes is to use an authenticator app, such as Google Authenticator or Twilio Authy. When you use an authenticator app, the multifactor code is available within the app, not by text.
Want to switch from the 2FA process controlled by SMS messages to a more secure option? Here’s how you can get started with Google Authenticator, recent changes to the app, and how to access your verification codes within the app.
How should I set it up?
First, download the app to your smartphone or tablet. Google Authenticator is available for iOS and Android.Open the app and tap start button. You can choose to sign in with your Google account or use the app without signing in. If you are logged in, Google Authenticator will save your 2FA data for you. More on this later.
The next step is to choose the online account you want to set up with Google Authenticator. Your most visited sites may support multi-factor authentication with this app. From Amazon and Gmail to TikTok and Dropbox, the steps are slightly different, but the overall process is basically the same.
After selecting an account, the rest of the settings can be done in one of two ways. You can scan the QR code with the camera on your smartphone, or enter the code manually.
Let’s take Amazon’s login flow as an example.Your first option is to log into your Amazon account on your laptop, go to account page, and select Login and Security. then click Open for two-factor authentication and let’s start on the next page. The pre-selected option you will see is to receive a code via text message.Instead, choose an option authenticator app.
When you see the QR code on your laptop screen, open the Google Authenticator app on your phone.Click the plus sign in the lower right corner of the app, then Scan QR code. Decide if you want to allow the app to access your camera; otherwise you will need to enter the code manually. Scan the barcode with your smartphone and an expired code pops up in the app and is constantly regenerated. Next, enter the six-digit code into your laptop. Acknowledge that older devices may require a special 2FA code login process and complete the setup process.
What’s new about it?
A common criticism of Google Authenticator in the past has been that all your codes are locked into one phone. If you lose your device on a boisterous night out with friends, or if a thief snatches it from you, it may be difficult or impossible to get into your linked accounts. Likewise, if you’ve upgraded your phone, it can be a hassle to scan or export and import all the QR codes for your websites and services to a new device and set everything up again.
In addition to some design changes, Google recently added the ability to have your code sync across your Google account. When you’re in the authenticator app, you’ll see a green cloud with a check mark next to your profile photo in the upper right corner, indicating your codes are synced. Note that you must be signed in to use this feature, so if you have been using Google Authenticator and have not signed in, you will have to sign in to store information in your account, or to export and import your Data the old way.
ok now give me those damn codes
So you’ve set it up and synced your code with your Google account. What’s next? When logging into any account that you have connected to Google Authenticator, you will open the app, find the temporary code associated with that account, and use it to complete the process.
Looking for more ways to protect your online accounts? Authenticator apps aren’t the only option for enhanced security. In fact, you can further protect your most important logins with a physical security key.