How to use Google Authenticator or Authy to keep your accounts secure
Google Authenticator and Authy are free apps that help protect your accounts from unwanted access. They provide two-factor authentication (2FA) by generating single-use codes that verify your identity. This adds a second step to the login process, so even if your password is stolen, bad actors won’t be able to access your account without the 2FA code.
Even if you’ve never used a 2FA service like Google Authenticator or Authy, you’ve almost certainly used a form of 2FA before — texts with one-time codes are a classic example. But SMS isn’t end-to-end encrypted, meaning any knowledgeable party can intercept these codes.
Physical 2FA devices are the most secure, but users run the risk of losing them. Imagine if you lost the keys to your house, and you couldn’t get a copy — it’s a very similar result. 2FA apps are the ideal middle ground to secure your accounts. This guide will show you how to set up two different apps.
Both apps provide one-time verification codes, but they work slightly differently. Google Authenticator only stores codes on one device, so if you want to set it up on another device, you’ll have to transfer your codes over manually.
Authy links your codes with your Authy account, so you can log into it on any device and access your codes. Regardless of which one you choose, the app generates a brand-new code every minute after you’ve added an account. When you log into a 2FA-enabled account, you simply open your 2FA app and type in the code that appears. It’s quick, simple, and secure.
Check out this article to see our breakdown of the eight best 2FA apps for Android. There are plenty of options, so try out the one that best suits you.
How to enable 2FA on your accounts
Before you set up a 2FA app, you need to set up 2FA on the account you wish to secure. While most popular services provide 2FA verification, not all do (e.g. Spotify). You can find a complete list of 2FA-enabled services here.
You’ll find instructions for a handful of popular account types below, though we recommend checking out your services’ support if you’re having trouble. Services will either provide an alphanumeric code or a QR code. Both will work for enabling 2FA on either Google Authenticator or Authy.
Settings & Privacy → Security & Account Access → Security → Two-Factor Authentication
Google requires you to set up SMS verification first. Once you’ve done so, you’ll immediately receive the option to add an authenticator app.
Google Account → Security → 2-Step Verification → Get Started
Once you’ve set up SMS verification, click Set up underneath the Authenticator app to get your code.
Your Account → Login & Security → Edit (Underneath Two-Step Verification Settings) → Get Started
Security and login settings → Edit (Underneath Use two-factor authentication) → Setup (Next to Authentication app)
Settings → Security → Two-step verification → Get started → Mobile app
Settings → My Account → Enable Two-Factor Auth
Security basics → More security options → Set up two-step verification
For many users, Google’s own Authenticator app will be the default pick on Android. Some users prefer Authy, largely because of Authenticator’s lack of updates, but Authenticator is still trusted by millions of users worldwide.
How to add an account to Google Authenticator
Before starting this process, you must prepare the account you’re linking. Most popular services support 2FA, and the option is usually located in the Security section of their settings menus (e.g. on Twitter Desktop, it’s Settings & Privacy → Security & Account Access → Security → Two-Factor Authentication). You will have the option to use a QR code or a text code (or both). Once you have this code ready, follow these steps:
- Install Google Authenticator using the link above.
- Open Google Authenticator and tap Get Started.
- Tap Scan a QR code or Enter a setup key (Choose the option suggested by your service).
- Once you’ve scanned/entered your code, you’ll be directed to your home screen.
- Tap the plus button in the bottom right to add another account.
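Why scanning a QR code and entering a setup key are interchangeable in the steps above: the QR code is just text in the widely used otpauth:// format, and it carries the same base32 secret as the typed key. The sketch below is an added example, not code from this article or from either app; the account label and secret are constructed (the secret is the public RFC 6238 test value). Anyone who can see the QR code or key can generate the same codes, so treat both like a password.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlparse, parse_qs

def decode_setup_key(key):
    """Base32-decode a setup key as a user would type it (spaces, lowercase, no padding)."""
    cleaned = key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore the padding services usually strip
    return base64.b32decode(cleaned)

def parse_otpauth(uri):
    """Pull the TOTP parameters out of the otpauth:// text a 2FA QR code encodes."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "secret" not in query:
        raise ValueError("URI carries no secret")
    algorithm = query.get("algorithm", "SHA1").lower()
    if algorithm not in ("sha1", "sha256", "sha512"):
        raise ValueError("unsupported algorithm")
    return {"secret": decode_setup_key(query["secret"]),
            "digits": int(query.get("digits", 6)),    # code length
            "period": int(query.get("period", 30)),   # seconds per time step
            "algorithm": algorithm}

def totp(secret, unix_time, digits=6, period=30, algorithm="sha1"):
    """RFC 6238: HMAC the current time step, then truncate as in RFC 4226."""
    counter = struct.pack(">Q", unix_time // period)
    mac = hmac.new(secret, counter, getattr(hashlib, algorithm)).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks the 4-byte window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

# Constructed sample data: what a QR scanner would read, and the same key typed by hand.
QR_TEXT = ("otpauth://totp/Example:alice@example.com"
           "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example&digits=8")
TYPED_KEY = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"

if __name__ == "__main__":
    params = parse_otpauth(QR_TEXT)
    print("from QR code :", totp(unix_time=59, **params))
    print("from typed key:", totp(decode_setup_key(TYPED_KEY), 59, digits=8))
```

Both paths print the same code for the same moment in time, which is also why the server and the phone agree without ever talking to each other.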
How to transfer codes to a new phone
When you have 2FA set up, it’s important to remember to transfer your codes when changing phones. Once your new phone is ready to go, follow these steps:
- On your old phone, open up Google Authenticator and tap the three-dot menu in the upper right.
- Tap Export Accounts.
- Select the accounts you wish to transfer and tap Next.
- Your old phone will now show a QR code. Switch to your new phone to continue the process.
- Install Google Authenticator on your new phone.
- Open Google Authenticator and tap Get Started.
- Tap Import Existing Accounts.
- Tap Scan QR Code.
- Scan the QR code provided by your old phone, and your accounts will transfer.
While the setup for Authy is similar to Google Authenticator’s, Authy backs up your codes to the cloud. This means that when setting up Authy on additional devices, you simply sign in to your account, verify using 2FA, and your codes will be there.
How to add an account to Authy
(1). Install Authy.
(2). Open Authy.
(3). Enter your phone number and tap OK.
(4). Tap the three-dot menu in the upper right.
(5). Tap Add Account.
(6). Tap Scan QR Code or Enter Code Manually (Choose the option suggested by your service).
(7). Scan the QR code or type in the manual code.
(8). Authy will ask you to create a backup password in case this device is lost. Create a password and tap Enable Backups.
(9). You can rename the account or change the logo. Once you’re done, tap Save.
(10). You’ll now be redirected to the app’s home screen.