Whether you choose Authy or Google Authenticator to generate your 2FA codes is entirely up to you. The important thing is that you have secured your accounts with 2FA and not only passwords.
The difference between Authy and Google Authenticator lies in the number of features offered by each app. If you like minimalism, use Google Authenticator, but if you want multi-device support, a full backup of your 2FA codes, or three authentication types, use Authy.
Authy offers modern design, optional encrypted cloud backup of your 2FA data, multi-device and multi-platform support, and three authentication types. Authy works on Android, iOS, Windows, macOS, Linux, and even Apple Watch. Your 2FA tokens automatically sync across all devices you authorize, and if any of them is lost, damaged, or stolen, you can deauthorize it from any other trusted device.
On the other hand, Google Authenticator offers a minimalistic design and, with a recent update, an option to transfer your accounts to a new phone. It is not a cloud backup like the one Authy offers, but it is definitely a step forward.
Authy vs Google Authenticator
| Feature | Authy | Google Authenticator |
|---|---|---|
| Supported Platform | Android, iOS, macOS, Windows, Linux, Apple Watch | Android, iOS |
| Multi-Device Support | Yes – Automatic synchronisation across authorized devices. | Yes – Manual accounts transfer via Transfer Accounts option. |
| Supported Authentication | OTP (One-Time Password) via SMS or Voice Call Two-Factor Authentication; TOTP (Time-Based One-Time Password) generated in the app; Push Notifications – triggered when accessing the registered site, just a tap needed to log in | TOTP (Time-Based One-Time Password) generated in the app; HOTP (Event-Based One-Time Password) generated in the app |
| Backup | Yes – Encrypted 2FA accounts stored in the cloud. | N/A – What if I lose my phone with Google Authenticator on it? |
| On Device Protection (Android, iOS) | PIN and Biometric protection. | N/A – you must use your phone’s built-in App Locking or third-party software like Bitdefender Mobile Security. |
| On Device Protection (Windows, macOS) | Master Password – requested every time the app is opened. | N/A – Not supported platforms. |
Is Authy secure?
Unlike Google Authenticator, you can secure Authy with a PIN or Biometric Protection on mobile devices and Master Password on Windows and macOS.
Once set, you will have to unlock the application to use it.
Disable Authy Multi-Device support.
Although Authy Multi-Device support is an excellent option to have, you may have to use it with caution.
I have read many reports where people were victims of a SIM Swap fraud resulting in the attacker taking over their phone number.
If you leave the Authy Multi-Device option active, the attacker can easily install a new copy of the Authy app on his phone and authenticate it via SMS message. It may not be a massive problem as the attacker will have to know your login credentials to access your accounts, but it’s not worth the risk.
The good news is that if you have ever used the Authy Backup option, the attacker will need to know your Backup Password to reveal the 2FA codes, even if he has successfully installed and authenticated Authy on his device using your number.
But to avoid this problem entirely, make sure to add Authy to any devices you want and then disable Authy Multi-Device support. If you fall victim to SIM Swap fraud, the attacker will not be able to install Authy on his device even by using your stolen phone number.
Is Google Authenticator secure?
Although Google Authenticator does not offer PIN or Biometric security, you can most likely use your phone’s built-in App Lock functionality. Most modern devices provide this type of protection, and it works the same as the one offered by Authy.
If you don’t have the App Lock option available on your mobile device, you can use third-party software. For example, the Android version of Bitdefender Mobile Security & Antivirus, which I have been using for years, has the App Lock option as standard.
I believe the iOS version offers that option as well.
How do I back up my Authy app?
Authy, unlike Google Authenticator, offers encrypted cloud backup for your 2FA tokens. The backup is optional, and you can enable it in the Authy Settings.
You will have to secure your backup with a password. Although Authy accepts a backup password as short as six characters, I strongly advise you to create a longer one.
Is Authy backup secure?
Your Authy 2FA cloud backup is as secure as the latest encryption technology employed by Authy to encrypt your data. I will not detail how the encryption works, but believe me, it is highly technical. If you would like to know more, below is the link to an article explaining the entire process.
Your Backup Password is used in the encryption process by several encryption algorithms, but rest assured: your Backup Password is not included in the backup data. It is never transferred to or stored in the Authy cloud storage and is known only to you.
That means that if you forget your password, even Authy support won’t help you. There is simply no way of recovering lost or forgotten Authy Backup Password.
If you don’t believe me, below is the statement from the Authy Backup Password Recovery article.
“Since the Backups password is never sent to Authy or stored in our servers, Authy support is unable to recover your password.” – Authy
What happens if you lose your phone with Authy?
Unlike with Google Authenticator, if your phone is lost or stolen and you had Authy installed on it, Authy will help you regain access.
You must follow the Authy recovery process guide and select the best option available to you, as it all depends on your specific situation. For example, the recovery process might be different if you have a new phone number but the same device, or a new phone number and a new device.
Make sure to follow the Authy guide and be patient as the process may take up to 24 hours.
Authy 2FA recovery process.
Assuming that you did not forget your Authy Backup Password, but you are unable to install Authy on your new device or your phone number has changed, Authy offers a 24-hour account recovery process.
Be prepared, though: the reason this process may take up to 24 hours is that Authy has to be sure that you are who you say you are before allowing you to install Authy.
Why does Authy need my phone number?
Authy uses your phone number during installation as a form of identification, to ensure that you have access to the phone you claim you have. Authenticating with your phone number is also required for multi-device support and for the recovery process if you lose your phone.
How do I delete my Authy account?
If, for some reason, after trying Authy for some time, you have decided to use Google Authenticator instead, you can request that your Authy account be permanently removed.
The process takes up to 30 days to complete. Although there is no explanation why it takes so long, I believe that Authy wants to give you time to reset all your accounts secured with Two-Factor Authentication and reauthenticate with the application of your choice.
What do I think?
I have been using Google Authenticator for years, and I still do because of its simplicity.
I believe Google Authenticator is intended to be used by less tech-savvy users who don’t have to worry about all the additional complicated options available in Authy.
Keep in mind that the lack of a backup option in Google Authenticator is a huge problem that has only partially been fixed by offering you the opportunity to transfer accounts to another device, which can then be used as a backup.
Authy, on the other hand, is a full package. With multi-device support and encrypted backup, Authy is definitely worth considering if you want to upgrade from good old Google Authenticator.
For some reason, I have decided to use both, and I’m happy with it, but I’m sure there will be a moment where I will switch entirely to Authy.