When it comes to iOS, open-source apps are something of a rarity but that doesn't mean they don't exist.
Why? Do you really want to hand over the two-factor authentication process to these big companies or proprietary software?
This is a TOTP (time-based one-time password) app and does not require an Internet connection because of that. The app is probably one of the simplest that you will come across in the niche; it just has the option to add/remove accounts and that is about it.
Well, the only other option that is available is the "Digit Grouping". You can either choose to display the codes in 3 x 2-digit pair groups, or 2 x 3-digit groups. Once you have installed Authenticator on your iPhone or iPad, you will see a nearly blank screen with a few buttons on start.
Authenticator supports adding accounts using QR codes and manually adding accounts.
Refer to your email/social network account's website to set up 2-step verification. Once you get to the page where you are asked to scan a "QR code", run Authenticator and tap on the + button to add an account. Point the camera to the QR code on the computer's screen.
The app should add the account, and display the 6-digit code for it on the screen. Now, most websites which you're setting up 2-step authentication for will require you to enter the TOTP to confirm that it has been configured correctly.
Tap on the plus button, and then on the edit button (note and pencil icon) on the top and you will see a screen which asks for the following:
You can obtain the secret key for your account from its associated website. You can set TOTP or Counter based tokens, and set it to 6, 7 or 8 digits, SHA-1, SHA-256 or SHA-512.
Personally, I would have liked it if the app asked me for a PIN code or password to unlock the 2FA database. An extra layer of security is always a good idea even if it would rely on TouchID or the device's PIN.
You may reduce the issue by setting the screen timeout to the minimum and not the 2-minute default on iOS.
On the bright side, it does not store your 2FA tokens in the cloud in any form. There is no way to backup (or export) your tokens on the other hand. And the fact that Authenticator is open source, unlike nearly every iOS 2-factor authentication app out there, makes it priceless in my opinion.
A 2-step verification enabled account is nearly hacker-proof, read Martin's article for more information.
Now You: Do you use two-factor authentication apps?Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.