Home

authenticatorapp

An authenticator app is a software application used to perform multi-factor authentication by generating or delivering a second factor during login. These apps run on smartphones or computers and are used with online services that support MFA, providing an additional barrier beyond a username and password.

Most authenticator apps implement time-based one-time passwords (TOTP) or event-based one-time passwords (HOTP). During setup, the

Provisioning typically involves importing or adding multiple accounts within the app. Codes can be generated offline,

Security considerations include the risk that a compromised device could disclose codes, and the need to protect

Examples of authenticator apps include Google Authenticator, Microsoft Authenticator, Authy, LastPass Authenticator, Duo Security, and 1Password's

service
provides
a
shared
secret
(often
via
a
QR
code)
that
the
app
stores
securely.
When
logging
in,
the
app
computes
a
short
numeric
code
based
on
the
secret
and
the
current
time
(for
TOTP)
or
a
counter
(for
HOTP).
The
code
expires
after
a
short
window,
typically
30
seconds.
Some
services
also
offer
push-based
authentication,
which
sends
a
prompt
to
the
app
for
automatic
approval
on
the
registered
device.
but
many
apps
offer
cloud
backup
or
encrypted
synchronization
so
accounts
survive
device
loss.
Codes
are
device-specific
and
are
not
transmitted
to
the
service
during
login
beyond
the
code
entry
itself.
The
approach
is
widely
supported
by
major
identity
providers
and
2FA
workflows.
the
app
with
a
device
lock
or
biometric
authentication.
Users
should
enable
backup
protections,
disable
screen
sharing,
and
secure
recovery
options
such
as
backup
codes.
Authenticator
apps
do
not
guard
against
phishing
by
themselves;
some
phishing-resistant
MFA
methods
complement
them.
built-in
TOTP
generator.
The
concept
emerged
in
the
early
2010s
as
part
of
broader
MFA
adoption
and
remains
a
common,
portable
method
for
second-factor
authentication.