- Best for a ‘big-name’ option: Microsoft Authenticator
- Best for backups and multiple devices: Twilio Authy
- Best for enterprises: Cisco Duo
- Best for a physical security key: Yubico Security Key
- Best for an open-source alternative: FreeOTP
Multifactor authentication (MFA) is one of the most effective ways to enhance security, and with the rise of apps, such as Google Authenticator, the authentication method has become easier to deploy.
However, whether due to privacy concerns, a lack of updates (especially when it comes to open-source options), or preference, many choose to avoid Google Authenticator.
Fortunately, there’s no shortage of competitors on the market, each with distinct advantages. Here are some of the top Google Authenticator alternatives.
Top Google Authenticator alternatives: Comparison table
Product name | Pricing | Key Features |
---|---|---|
Microsoft Authenticator: Best for a “big-name” option | Free | Two-factor authentication (2FA)/MFA support Passwordless sign-in Push notifications |
Twilio Authy: Best for backups and multiple devices | 5 cents per successful verification plus standard fees per channel | 2FA/MFA support Multidevice sync Soft token and backup Time-based one-time password (TOTP) |
Cisco Duo: Best for enterprises | Free up to 10 users Essentials: $3 per user, per month Advantage: $6 per user, per month Premium: $9 per user, per month | Risk-based authentication Single sign-on (SSO) Passwordless authentication Complete device visibility |
Yubico Security Key: Best for a physical security key | Yubico security keys are available in different models and configurations, each with varying prices. The pricing depends on factors like the model, connectivity―such as USB-A, USB-C, and near-field communication (NFC)―and features of the security key | 2FA support FIDO2 and U2F support Multiprotocol support Physical security |
FreeOTP: Best for an open-source alternative | Free | 2FA Open-source software TOTP Hash-based message authentication code (HMAC)-based, one-time password (HOTP) |
Microsoft Authenticator: Best for a ‘big-name’ option
Available for both Android and iOS, Microsoft Authenticator offers a similar experience to Google’s, working with both Microsoft and non-Microsoft accounts.
No passwords are required. Accounts are accessible using a PIN code, fingerprint, or face recognition. There’s also the option to backup credentials to the cloud, but this requires a personal Microsoft account, with iOS users also needing to link to an iCloud account.
Recent notable improvements Microsoft has made include the ability to now display the name of the service, website, or application being accessed. This serves as an additional layer of security you can use to confirm the authenticity of an MFA request.
Why we chose Microsoft Authenticator
As a large established company, Microsoft can provide a robust level of support for users who have questions or issues with the product. It also can provide a consistent level of updates to provide new features and patch bugs with the software.
Pricing
- Free and available for download from Apple Store or Google Play Store.
Features
- Provides 2FA.
- Provides passwordless sign-in.
- Supports push notifications.
- Supports MFA.
Pros
- 2FA and MFA provide an extra layer of security.
- Easy to use with Microsoft accounts and other supported services.
- User-friendly interface with push notification approval for MFA.
- Supports various authentication methods, including biometrics and phone sign-in.
Cons
- Not all services support Microsoft Authentication for 2FA or MFA, which limits its usage.
- Users must have the app installed on their mobile device to use 2FA or MFA, which creates complications if the device is lost or unavailable.
Twilio Authy: Best for backups and multiple devices
Although it isn’t as big or widely known as Google or Microsoft, Twilio’s Authy app is one of the most impressive and feature-rich Google Authenticator alternatives. Twilio takes pride in the fact that its app can be used anywhere Google Authenticator can be used, meaning that those making the switch won’t hit any unexpected compatibility issues.
It offers its own distinct advantages with some major quality-of-life features that make it easier to securely access your data. The app is available on multiple platforms, including iOS, Android, and Chrome, with the ability to synchronize your 2FA tokens across them so they’re always there when you need them. You’re also able to view and edit your devices at any time and create securely encrypted backups in case any of them are ever lost or stolen.
Twilio provides regular updates for its Authy app, with the most recent improvement involving the delivery method of one-time passwords (OTPs). Beginning in February 2024, the company stated that OTPs would be sent via rich communication services (RCS), a more secure method than the default short messaging (SMS) channel, as it’s able to utilize Wi-Fi and cellular.
Why we chose Twilio Authy
Depending on the MFA solution, users could be locked out of their accounts if they lose their phone or other device. Twilio, however, allows users to back up all 2FA tokens and restore them in the event that they lose their primary devices. Twilio also provides features to manage multiple devices, including the ability to sync and disable future installations for added security.
Pricing
- Twilio charges 5 cents per successful verification plus standard fees per channel for its basic version that includes 2FA, but custom pricing is offered for more advanced features.
Features
- 2FA.
- Multidevice sync.
- Soft token and backup.
- MFA.
- TOTP.
Pros
- 2FA and MFA support for various authentication methods.
- Soft token feature eliminates the need for a physical hardware token.
- Easy setup process and user-friendly interface.
- Multidevice sync means users can access 2FA codes on different devices.
Cons
- Advanced features and customization require the paid plan.
Cisco Duo: Best for enterprises
Some may find Cisco’s name a somewhat surprising inclusion on this list as many associate them more with routers, internet phone systems, and other hardware. It is no slouch on the software side though, with Duo offering a very strong enterprise-level Google Authenticator alternative.
As part of its newest batch of updates, notable additions include a public preview for Verified Duo Push. This is a feature that provides a greater level of security by asking users for an additional verification code for push requests. Codes sent via SMS text message have also been streamlined as codes are now machine-readable to allow mobile browsers to complete authentication without additional user intervention.
This MFA product comes as part of a suite of software, which can also be used to set up and manage other useful information technology (IT) functionality, such as remote access and access control. This feature is targeted at commercial customers, however, and the pricing reflects that.
Although most alternatives to Google Authenticator are completely free but potentially relatively limited in terms of options, Duo can offer you a lot if you’re willing to pay for it. The free option, which Cisco advises is aimed toward individuals and very small teams, is most comparable to what Google offers and will be enough for many, although it faces competition from the likes of Authy. If you want desktop access or many of the more specialized features Duo offers, or you have more than 10 users, you’ll need to pay per user. Prices start at $3 per user, per month. That rises to $9 or potentially even higher depending on exactly which features you need.
Since Microsoft Authenticator is also an alternative we identified, you can learn more in our article comparing Cisco Duo vs Microsoft Authenticator.
Why we chose Cisco Duo
Implementing MFA for enterprises and large businesses can be complex. However, Cisco is an excellent option to consider because of its Duo Policy Engine. This tool allows organizations to manage access across different users and levels of the company. Permissions and policies can also be customized based on user locations, remembered devices, device health, and more.
Pricing
- Free up to 10 users, Essentials is $3 per user, per month, Advantage is $6 per user, per month, and Premium is $9 per user, per month.
Features
- Risk-based authentication.
- SSO.
- Passwordless authentication.
- Complete device visibility.
Pros
- Comprehensive package for complete zero-trust access.
- Virtual private network (VPN)-less remote access to private resources.
- User-friendly and easy-to-use interface for both end users and administrators.
- Complete device trust with an endpoint protection check.
Cons
- Expensive for organizations with a large number of users seeking to use advanced features.
- May require additional setup and configuration, which could be challenging for nontechnical users.
Yubico Security Key: Best for a physical security key
This Google Authenticator alternative offers something different. Rather than relying on an app installed on a phone or desktop, Yubico provides a physical key that serves as an authenticator. This key, which comes in USB-A and USB-C versions, will work out of the box with all of the major websites you’d expect it to as well as common password managers and other software.
Usage is straightforward, the documentation is extensive and easy to understand, and the key itself feels very solid and durable. As well as the standard USB plug connectivity, tap-and-go authentication for mobile apps is included. Yubico does offer keys with even more features, such as the YubiKey Bio series, which integrates biometric security through the inclusion of a fingerprint sensor.
The YubiKey 5 series is the latest version of the product, which delivers additional options including the ability to opt for passwordless authentication, 2FA using a password with an authenticator as well as MFA via passwordless verification and a PIN. It also offers a wide range of phishing-resistant authentication protocols, such as FIDO2/WebAuthn and Personal Identity Verification Smart Card.
Pricing varies depending on the size of your organization and whether you’re looking to buy the keys with an upfront payment or if you choose to subscribe. Subscribing can offer some savings to larger organizations, but individuals and smaller businesses who are confident they aren’t going to lose their keys may prefer to pay once and be done with it.
Why we chose Yubico Security Key
Yubico’s physical security keys have authentication protocols that are phishing-resistant, a vulnerability present with SMS and some other methods of mobile MFA. Keys are easy to use and are supported by a wide range of online services and apps. Security keys can also be used to secure computers and even physical spaces.
Pricing
- Yubico security keys are available in different models and configurations, each with varying prices. The pricing depends on factors, including the model, connectivity―USB-A, USB-C, NFC, and others―and features of the security key.
Features
- 2FA.
- FIDO2 and U2F support.
- Multiprotocol support.
- Physical security.
Pros
- Strong authentication with FIDO2 and U2F support.
- Compatible with various platforms and services, enhancing versatility and usability.
- Provides a higher level of protection against account compromise.
- Passwordless login, improving user experience and security.
Cons
- Hardware security keys could be expensive for some.
- The need to have the physical security key for authentication may make them less convenient compared to mobile-based authentication methods.
FreeOTP: Best for an open-source alternative
One complaint about Google Authenticator is that it’s no longer open source, with the relevant repositories not updated for several years. This isn’t an issue with FreeOTP, however, as it’s completely open source.
Version 2 is the latest major release of FreeOTP. It introduced a new material design user interface, default branding for major services, and the ability to backup and restore tokens. Three minor updates have since been provided, eliminating various bugs and providing slight enhancements.
Available on both Android and iOS, this authentication app is relatively lightweight and minimalist, both in terms of user experience and features.
Why we chose FreeOTP
As open-source software, FreeOTP can provide users with faster updates and resolutions to things like bugs and vulnerabilities. It can also allow for a greater level of customization that is not possible with other private or proprietary software.
Pricing
- Free
Features
- 2FA.
- Open-source software
- TOTP.
- HOTP.
Pros
- Accessible and transparent open-source software.
- Strong 2FA support with TOTP and HOTP authentication methods.
- Cross-platform availability for Android and iOS devices.
- Works offline with no need for an internet connection during authentication, which enhances reliability.
Cons
- Users must have their mobile device with them during login, which could be less convenient than hardware-based 2FA solutions.
- The reliance on a mobile device could be a concern if the device is lost, damaged, or unavailable.
How do I choose among Google Authenticator alternatives?
You may want to consider alternatives to Google Authenticator if you desire the ability to customize your method of MFA, need to manage multiple devices or users, prefer using a physical security key, or want to work with a company that has different support options. Although companies that offer an MFA solution can accomplish the same goal of providing greater protection against unauthorized access to accounts, differences exist for the level of security provided and functionality that can affect ease of implementation, use, and maintenance.
In selecting a product that is suited to your needs, consider what you can afford as well as the features and characteristics most important to you. Think about differences in what’s offered for layers of authentication, backup and restore options, encryption protocols, customization, and support options, and tools to manage permissions for user groups.
For example, individuals or businesses particularly prone to phishing attacks may want the peace of mind that comes with a Yubico phishing-resistant security key. Similarly, companies with employees that need varying levels of permissions may want to look into Cisco’s Duo Policy Engine.
Regardless of the option you choose, adding MFA provides a layer of protection that can protect you from having to deal with the ramifications of allowing unauthorized access to your accounts.
Read next: Authy vs Google Authenticator
Methodology
When making this list, we considered a range of factors to ensure that we would be bringing you the very best Google Authenticator alternatives. Some of the key areas where these apps and services had to stack up follow:
- Reputation: The software must come from a trustworthy, reputable company.
- Reliability: It’s also important that there is minimal downtime, to ensure that you’re always able to securely access your accounts and data when needed.
- Features: The apps in our selection offer a range of features and each was selected, in part, for its ability to meet the needs of specific users in ways that Google Authenticator and other alternatives cannot.
- User experience: While offering a high level of security and unique features is important, so is the user experience, so we gave precedence to options that are easy for users to use.
- Value: Although some of our top picks are free, others aren’t. However, the paid options offer exceptional value provided you need and will take advantage of their additional features.