Some days ago, we told you about Authenticator, an open-source 2-step verification app for iOS. The app generates codes for two-factor authentication use. Many web services support 2FA to add another layer of security to the user authentication process.
Today, it's the turn of an equally simple Windows app called WinOTP Authenticator. It is a UWP app, and hence exclusive to Windows 10.
A brief history about the app: about a year ago an app called "Authenticator for Windows" was removed from the Windows Store. This was a proprietary app and was one of the few available for Windows Phone/Windows 10. The author open-sourced the app shortly after hoping that someone would resurrect it, and that's exactly what happened a few months ago.
This process is slightly different from a phone 2FA app where you'd point the camera at the QR code on the screen and are done with it. The app works by entering the "secret key" manually which is identical to the process on mobile devices if you select the manual way during setup.
Here is how it works:
Note: There is an alternative way. The program says that you can drag the QR-code that is displayed on the screen on to the interface of WinOTP Authenticator and it should read the code. I tried it a couple of dozen times with different services, but it did not work.
Instead of a circle (which fills up or disappears) that you are maybe used to when you use mobile devices to generate the authentication code, WinOTP Authenticator displays a horizontal bar that progresses from the left to the right to indicate when the displayed code will expire.
WinOTP Authenticator displays the TOTP codes for all of your added accounts on the home page. To copy a code to the clipboard just click on it. There is a setting which clears the clipboard when a copied code expires; this is enabled by default and there is little reason to disable it unless you need more time.
Note: The Sync with OneDrive option causes WinOTP Authenticator to crash, at least for me.
You can reorder or delete accounts by clicking on the pencil button on the start bar. Remember to disable 2FA from your account's settings on the website before deleting it from the app as you may run into authentication issues otherwise. You can toggle the app to sync the time using NTP; this is important since 2-factor codes are time based.
Apart from the QR Code and OneDrive issues (which are on the developer's roadmap), the app worked without issues. It offers a convenient option to log in to websites with click and paste.
I stumbled upon this app while looking for a WinAuth alternative and it has been a fine replacement. Normally I wouldn't recommend using a PC app for 2-factor authentication because anyone who has access to the PC will have access to the 2FA codes. But, many people have a PC that is private (at home or work), in which case it can be a pretty secure option especially if you use encryption to further protect it from unauthorized access. I'd still recommend using a phone app/email for 2FAs as a fallback (and don't forget those recovery/backup codes).
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.