Home » Two-Step Verification » Is Authy better than Google Authenticator?

Is Authy better than Google Authenticator?

DISCLOSURE: THIS POST MAY CONTAIN AFFILIATE LINKS, MEANING I GET A COMMISSION IF YOU DECIDE TO MAKE A PURCHASE THROUGH MY LINKS, AT NO COST TO YOU. PLEASE READ MY DISCLOSURE FOR MORE INFO.

Table of Contents

Whether you chose Authy or Google Authenticator to generate your 2FA codes is entirely up to you. The important thing is that you have secured your accounts with 2FA and not only passwords.

The difference between Authy and Google Authenticator lies in the number of features offered by each app. If you like minimalism, use Google Authenticator, but if you like multi-device support, full Backup of your 2FA codes, or three authentication types, use Authy.

Authy offers modern design, optional encrypted cloud backup of your 2FA data, multi-device and multi-platform support, and three authentication types. Authy will work on Android and iOS, Windows, macOS, Linux, or even Apple Watch. Your 2FA tokens will automatically sync across all devices you authorize, and in case any of them was lost, damaged, or stolen, you can deauthorize it from any other trusted device.

You may also like: What if I lose my Phone with Google Authenticator on it?

On the other hand, Google Authenticator offers a minimalistic design, and with a recent update, an option to transfer your accounts to a new phone. It is not a Cloud backup offered by Authy but definitely a step forward.

Authy vs Google Authenticator

OptionsAuthyGoogle Authenticator
CostFreeFree
Supported PlatformAndroid, iOS, macOS, Windows, Linux, Apple WatchAndroid, iOS
Multi-Device SupportYes – Automatic Syncronisation across authorized devices.Yes – Manual Accounts transfer via Transfer Accounts option.
Supported AuthenticationOTP (One-Time Password) via SMS or Voice Call Two-Factor Authentication.

TOTP (Time-Based One-Time Password) generated in the app.



Push Notifications – Triggered when accessing the registered site, just the tap needed to log in
N/A


TOTP (Time-Based One-Time Password) generated in the app

HOTP (Event-Based One-Time Password) generated in the app.

N/A

BackupYes – Encrypted 2FA accounts stored in the cloud.N/A – What if I lose my phone with Google authenticator on it?
On Device ProtectionPIN and Biometric protection on Android and iOS.


Master Password for Windows, MacOS – Master Password is requested every time the app is opened.
N/A – you must use your phone’s built-in App Locking or third-party software like Bitdefender Mobile Security.

N/A – Not supported platforms.

Is Authy secure?

Unlike Google Authenticator, you can secure Authy with a PIN or Biometric Protection on mobile devices and Master Password on Windows and macOS.

Once set, you will have to unlock the application to use it.

You may also like: Yubico Authenticator vs Google Authenticator.

Disable Authy Multi-Device support.

Although Authy Multi-Device support is an excellent option to have, you may have to use it with caution.

I have read many reports where people were victims of a SIM Swap fraud resulting in the attacker taking over their phone number.

If you leave the Authy Multi-Device option active, the attacker can easily install a new copy of the Authy app on his phone and authenticate it via SMS message. It may not be a massive problem as the attacker will have to know your login credentials to access your accounts, but it’s not worth the risk.

You may also like: Can I use Google Authenticator on Multiple Device?

The good news is that if you ever used the Authy Backup option, the attacker will need to know your Backup Password to reveal the 2FA codes even if he successfully installed and authenticated Authy on his device using your number.

Authy backup password required for account decryption.

But to avoid this problem entirely, make sure to add Authy to any devices you want and then Disable Authy Multi-Device support. If you fell victim to SIM Swap fraud, the attacker will not be able to install Authy on his device even by using your stolen phone number.

Authy registration error due to the disabled Multi-Device support.

Is Google Authenticator secure?

Although Google Authenticator does not offer PIN or Biometric security, you can most likely use your phone’s built-in App Lock functionality. Most modern devices provide this type of protection, and it works the same as the one offered by Authy.

App Lock functionality in Huawei EMUI 10.

You may also like: Yubico Authenticator vs Google Authenticator.

Suppose you don’t have the App Lock option available on your mobile device. In that case, you can use the third-party software, for example, the Android version of Bitdefender Mobile Security & Antivirus, which I have been using for years, has the App Lock option as standard.

I believe the iOS version offers that option as well.

Securing Google Authenticator with Bitdefender App Lock option.

How do I backup my Authy app?

Authy, unlike Google Authenticator, offers encrypted cloud backup for your 2FA tokens. The backup is optional, and you can enable it in the Authy Settings.

You will have to secure your backup with a password. Although Authy allows for the backup password to be at least six characters long, I will strongly advise you to create a longer password.

Make sure your Authy Backup Password is longer than 6 characters.

You may also like: How to use Yubico Authenticator?

Is Authy backup secure?

Your Authy 2FA cloud backup is as secure as the latest encryption technology employed by Authy to encrypt your data. I will not detail how the encryption works but believe me; it is highly technical, and if you like to know more, below is the link to an article explaining the entire process.

How Authy 2FA Backup Work?

Your Backup Password is used in the encryption process by several encryption algorithms but rests assure; your Backup Password is not included in the backup data. It is never transferred or stored in the Authy cloud storage and is only known to you.

That means that if you forget your password, even Authy support won’t help you. There is simply no way of recovering lost or forgotten Authy Backup Password.

If you don’t believe me, below is the statement from the Authy Backup Password Recovery article.

Since the Backups password is never sent to Authy or stored in our servers, Authy support is unable to recover your password.

Authy

What happens if you lose your phone with Authy?

Unlike losing your phone with Google Authenticator on it, if your phone was lost or stolen, and you had Authy installed on it, Authy will help you regain access.

You must follow the Authy recovery process guide and select the best option available to you as it all depends on your specific situation. For example, the recovery process might be different if you have a new phone number but the same device or new phone number and a new device.

Make sure to follow the Authy guide and be patient as the process may take up to 24 hours.

Authy 2FA recovery process.

Assuming that you did not forget your Authy Backup Password, but you are unable to either install Authy on your new device or your phone number has changed, Authy offers a 24-hour account recovery process.

But be prepared though, the reason this process may take up to 24 hours is that Authy will have to be sure that you are who you say you are before allowing you to install Authy.

Why does Authy need my phone number?

Authy is using your phone during the installation as a form of identification to ensure that you have access to the phone you claim you have. Authenticating using your phone number is also required for multi-device support and recovery process if you lose your phone.

How do I delete my Authy account?

If for some reason, after trying Authy for some time you have decided to use Google Authenticator instead you can request your Authy account to be permanently removed.

The process takes up to 30 days to complete. Although there is no explanation why it takes so long, I believe that Authy wants to give you time to reset all your accounts secured with Two-Factor Authentication and reauthenticate with the application of your choice.

What do I think?

I have been using Google Authenticator for years, and I still do because of its simplicity.

I believe Google Authenticator is intended to be used by less tech-savvy users where they don’t have to worry about all additional complicated options available in Authy.

Keep in mind that the lack of a backup option in Google Authenticator is a huge problem that only partially has been fixed by offering you the opportunity to transfer accounts to another device, which can then be used as a backup.

Authy, on the other hand, is a full package. With multi-device support and encrypted backup, Authy is definitely worth considering if you want to upgrade from an old good Google Authenticator.

For some reason, I have decided to use both, and I’m happy with it, but I’m sure there will be a moment where I will switch entirely to Authy.

My Favorite Software and Hardware.

Thank you for reading this article. I hope you found it helpful. Here is the list of the software and hardware I am personally using, which I believe you may also find useful. These are affiliate links, so if you decide to use any of them, I will earn a small commission at no extra cost to you. But in all honesty, this is the exact software I have installed on my computer and the hardware I have been using to secure my online accounts or store my passwords.

1Password Password Manager - I have been using 1Password for the past two years, and in my opinion, it is the best Password Manager yet. You can try 1Password for free or check the latest deals on the 1Password website.

Yubikey 5C NFC - This is a hardware authentication device that you can use to protect your online accounts or even computers. If you are thinking of getting one, I will highly recommend Yubikey 5C NFC, which, thanks to the NFC, can also be used with your phone.

Bitdefender Total Security - I had tried other Anti-Virus software whenever my Bitdefender license was about to expire. However, at the end of the day, this is still my favorite Anti-Virus. You can check the latest offers on the Bitdefender site.

NordVPN - If you are looking for some privacy when browsing the web, NordVPN will have you covered. Save 72% now with a 2-year planvisit the NordVPN website for more details.

Malwarebytes - It will defend you against harmful websites and remove any malware from your computer. Make sure to check the latest offers on the Malwarebytes website.