Portal
Forum
Devolutions Force
Hub Business
Hub Personal
Devolutions Send
RDM
Workspace
Launcher
Google Authenticator vs Authy vs Yubico vs Duo
Do you, by any chance, use the same password for more than one website? Do you download software straight from the Internet? Or click on sketchy links in email messages? By doing any of these typical actions, you risk having your password stolen or being hacked. 2FA will prevent this from happening by adding an extra layer of security to your account.
There are 3 well-known factors used for authentication: something you know (a password or passphrase), something you have (your mobile phone or a token), and something you are (your fingerprint). 2FA means the system is using two of these options to authenticate you.
2FA can offer important benefits to enterprises as well as individual users, although the technology can seem complicated and the tools themselves vary. Choosing the right software to fit your needs is a hefty task, so we did some digging around for you and took a closer look at the most popular ones: Google Authenticator, Authy, Yubico and Duo.
Some of the features that we look for in a great 2FA application are mobile support, multiple token support, reporting, complexity workflow and FIDO support.
Google Authenticator is a 2FA mobile application that uses the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP), for authenticating users.
Authy makes it easy for anyone to use their iPhone, Android or desktop for 2FA with all their online accounts. Choose between 3 different combinations of authentication options: Authy SoftToken, Authy OneCode and Authy OneTouch.
Yubico offers YubiKey, which is a small hardware device that features 2FA with the simple touch of a button.
Duo enables users to secure their logins and transactions by self-enrolling and authenticating through their smartphones, the Duo mobile app, a landline, or even offline.
Conclusion
2FA can render hacker attacks much less threatening since accessing passwords is not enough anymore to access your information; and it is pretty unlikely that the attacker would also have the physical device associated with the user account. More layers of authentication makes a system more secure.
Any of these four apps would do a great job in providing that extra layer of protection. All of them support mobile tokens, have different levels of flexible authentication methods, and some will even provide you with advanced analytics. They differ, however, when it comes to pricing, packaging offers, and ability to comprehend and act on the diverse product reports. Surely, these four should be in the starting lineup for any individual or enterprise in the market for a great 2FA.
We concentrated this blog more towards user oriented 2FA, however there are other beasts out there that are more enterprise driven like AuthAnvil or SafeNet only to mention a few. Devolutions Server actually incorporates those solutions such as: AuthAnvil, SafeNet, Azure MFA and Radius. Maybe one day will do a comparison with those ones…maybe…
Let’s not forget that 2FA comes in all sizes and flavors and you need to know as much about multifactor authentication as possible before choosing the right one for you.
Here is a table for a quick overview of some advanced options supported by the different 2 Factor Authentication applications.
