All kinds of hacks and leaks have proven it many times in recent years: logins with only a password are not secure enough. It is therefore better to combine such a password with an extra factor. In this article, we use authentication apps for this, so-called authenticators, with which you can provide extra security for your accounts.
about you password If you don’t want to be the only method of logging in, you can choose from countless other options, but not all of them are equally convenient or safe. You could, for example, have yourself forwarded a text message, but unfortunately such a notification concerns a mobile network. A more secure solution is an authenticator app on your smartphone.
Such an app generates a time-based and one-time usable code, or TOTP (Time-based, One-Time Passcode), which does not even require a network connection. Such a code is only valid for 30 seconds. Well-known authenticators are Authy, LastPass Authenticator, Google Authenticator and Microsoft Authenticator. The last two are the most popular and we will go deeper into them in this workshop.
2FA and MFA
With traditional logins you only use one factor, almost always a password. A password is something you know, but it’s safer to add an extra factor to it. Typically, that is something you are (a biometric identifier, such as a fingerprint) or something you have (such as a token or a smartphone that can generate a code).
If you use two factors, we are talking about 2FA (two-factor authentication, also called two-step verification), but in principle you can also use multiple factors. In such a case we speak of MFA, or multi-factor authentication.
Google Authenticator
Let’s start with the Google Authenticator app to get started with 2FA/MFA. You can download this app for free from the official Android and Apple app stores. In this article we assume the installation on an Android smartphone, but the operation is almost identical on an iPhone.
After installation, you can immediately add an account for a 2FA/MFA service. You can choose from two options: scan QR code and Enter setting key. In the latter case, you must enter the code or verification key for your account yourself.
As a (logical first) example, let’s set up your Google account so that from now on you need the code from Google Authenticator to log in. Surf to https://myaccount.google.com and select 2-step verification. Confirm with To work and log in again with your account password.
Press Next one and enter the received verification code. Confirm with To turn on. In the next screen you will get an overview of the available, second verification steps.
Link accounts to Google Authenticator
Now click on the arrow button at Authenticator App and on + Set Authenticator. A window with a QR code will appear. You scan this with your Google Authenticator app (via the option scan QR code). If for some reason it doesn’t work, click in your browser on Can’t scan the code? so that a setting key appears. You can manually enter this in your app (via Enter setting key).
Your account will now be linked to the app, with the default name Google (
From now on, you must enter this TOTP code when you register with Google, unless you place a check next to such registration. No more questions on this device.
There is hardly anything to set up in Google Authenticator itself. You can, however, transfer account links to a new device. To do this, install the app on your new device, open the app on your old device, tap the menu button, choose Export accountsselect the accounts, tap Next one and scan the QR code with the app on your new device to be able to log in via that device from now on.
Microsoft Authenticator
Like Google’s app, you can also download Microsoft Authenticator for free from the official app stores of both Android and Apple. We again assume that it works on an Android smartphone. After installing the app, click I agree. You will now see three options: Sign in with Microsoft, Add work or school account and Scan a QR code.
Let’s assume you want to link your Microsoft account. Register for this first at https://account.microsoft.comopen the tab Security and enter your password. Then open the section Advanced security options. Scroll to you Extra security comes and select there Switch Bee Two-step verification.
App differences
Google Authenticator is perhaps the most widely used authenticator app. This is not only due to the predominance of Google, but also to the fact that the app has been available since 2010. Microsoft Authenticator was only rolled out in 2016. It does contain a number of features that the Google app lacks.
These include cloud backup, cross-device sync, passwordless login, and password autofill. If you mainly work with Microsoft services, then Microsoft’s app is probably the most pleasant.
Press Next one and select An app Bee Verify my identity with. Press Next one (2x). A QR code will appear that you scan with your Microsoft Authenticator app, after which your account will be linked to the app. You will now also be offered the option to keep your passwords and other data that you store in Microsoft Authenticator encrypted in your Microsoft account, so that they are synced across all your signed-in devices.
Unless you deliberately don’t want this, leave this option checked and choose Enable AutoFill / Open Settings. Select Authenticatorconfirm with OK / Done / OK.
Adjustments
When you activate 2FA for your Microsoft account, you should be aware that some, especially older apps and devices do not accept security codes. In most cases you have to set a so-called app password.
If you have installed the Authenticator app, but no security code appears, you can use https://kwikr.nl/appww Learn how to set up a custom sign-in method for Outlook.com, Windows Essentials, and Xbox, among others.
Cloud backup
Microsoft Authenticator supports cloud backups. This means that the app backs up your account credentials and app settings to the cloud. This makes it easy to import your accounts on a new or additional device via the Microsoft Authenticator app. In addition to a Microsoft account, you also need an iCloud account for iOS.
Within Android, you enable cloud backup as follows: open the app, tap the button with the three dots, choose Settings and activate Cloud backup. With a new installation of the app you can Restore from a backup and then follow the further instructions.
Passwordless login
It is also possible to work ‘passwordless’ with your Microsoft account. You will no longer be prompted for a password, but will have to sign in using an alternative method, such as a security token, biometrics, or the Microsoft Authenticator app. The latter must in any case be installed. Then sign up at https://kwikr.nl/acwwloos and click Switch Bee Account without password.
Press Next one, select a method to verify your identity. Press . again Next one and tap To approve in Microsoft Authenticator.
Autofill
Microsoft Authenticator also includes an integrated password manager. To do this, tap in the app Passwords and, if you wish, allow password autofill by checking Set as autofill providerafter which you Authenticator select and confirm with OK.
Through Try now you can directly import saved passwords from Google Chrome or from a CSV file. In Chrome you do that via Settings / Passwordsafter which you tap the button with the three dots and Export Passwords / Verifier chooses.
backup
When you have enabled 2FA via an authenticator app, you usually need a password and a TOTP code. But what if you don’t have or have lost your smartphone? To prevent that you can no longer log in, it is advisable to enable an additional login method.
What options are available and how you do that exactly depends on the service. Chances are that in the 2FA section of your account you can print a recovery code, such as from Microsoft, or that you can request a series of one-time backup codes, such as Google. It is best to do this as soon as possible.
2FA on Facebook
You can link many other web services to your Authenticator app. on https://2fa.directory/int you can find decent list of websites that support 2FA. Let’s start with Facebook.
Open Account / Settings & Privacy / Settings / Security & Login. click on To process Bee Two-step verification. Select Using Authentication App. Both a QR code and a setting key will now appear.
In Microsoft Authenticator, tap the button with the three dots and choose + Add account / Change accountafter which you scan the QR code or Enter code manually selects. For Google Authenticator, follow the directions in step 4.
Dropbox
For Dropbox, surf to (the desktop version of the website at) www.dropbox.com. Click on your account icon in the top right and choose Settings. Open the tab Security and toggle the option Two-step verification in. Confirm with To work and enter your Dropbox password. Press Next one and select Via a mobile app.
Press . again Next one to see the QR code. If you choose a setting key, click on Enter the secret code manually. Confirm with Next oneenter the TOTP code and complete the procedure.
The procedure with Instagram is not much different than with Facebook and Dropbox, although you do have to set up 2FA from the app itself. Tap your profile icon at the bottom and then the hamburger icon. Here you choose Settings / Security / Two-step verification. Confirm with To work and toggle the option Authentication app (recommended) in.
Tap on Next one or on Set manually for the setting key. In the first case, select the desired authenticator at Open withafter which the link is established.
The 2FA function in Twitter is somewhat hidden in the menu under the option More. Click here Settings & Privacy / Security & Account Access. Select Security and open the item Two-step verification. Put a check in Verification App and confirm with To work.
You are now familiar with the scenario: a QR code appears or you can click on Can’t scan the QR code? if you prefer to use the manual method with an adjustment key.
.