As online accounts become more susceptible to hacks and cyber attacks these days, the demand for enhancing your account security has become ever more important. And, two-Factor Authentication (2FA) is a small step towards achieving this goal.
With 2FA, you need to enter a second passcode, in addition to your regular account password. The second passcode is generally a numeric code that changes periodically, and is generated from a different source (e.g., an app on your smartphone). By authenticating simultaneously through two different sources, the service confirms your identity, and allows you to access your account.
Google has its own version of two-factor authentication service, which is nowadays supported by various third party online services. The official Google Authenticator app is only available on iOS and Android platforms, with certain third party alternatives available for BlackBerry and Windows Phones. It implements the Time-Based One-Time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP) to generate unique 6-Digit authentication codes for each of the linked accounts, and doesn’t require Internet access to work.
Even though Two-Factor-Authentication is a more secure option, it could sometimes feel a little inconvenient to open up a smartphone app every time you want to login to a specific online account or service, on your computer. Also, if you somehow lose access to that smartphone, the process to restore access could be complex one; sometimes even resulting in a temporary lockout.
But in this article, we’ll explore a few workarounds to use Google Authenticator directly on the computer. Such solutions will also help address both the issues we discussed above. You no longer need a smartphone to authenticate yourself while using your computer. And if you lose any of your 2FA configured devices, you still would have a backup device to generate 2FA codes on.
Desktop clients for Google Authenticator
The following are some of the best Google Authenticator alternatives on Mac and PC:
Authy (Mac, iOS, Android, Chrome)
Authy is a RFC 4226 / RFC 6238 based 2FA client, compatible with Google Authenticator, available for macOS, iOS and Android. It also has a Google Chrome app & extension, so that it can run on just about any desktop OS.
Setting up the app is quite easy. Once you have installed the app, you will be asked to register a new account using your mobile number and email address. Authy will then send you an SMS to the registered mobile, containing a one-time-password (OTP). Once logged in using the OTP, you can start using Authy just like the original Google Authenticator app.
One of the best things we’ve found about Authy is that it allows you to backup the list of 2FA enabled accounts, which you have linked using the app. During the initial setup, the app prompts you to enter the backup password, which is used to encrypt the backup locally on your device, before being uploaded to their servers.
Once the backup has been completed, you can restore it on any other device, by signing into the Authy app with your registered phone number, and by providing the backup password. The backup would then be decrypted locally on your new device, providing access to 2FA codes for all your previously linked accounts.
With Backup & Sync enabled, you can simply link a particular 2FA-enabled service by scanning its QR code using the smartphone app, and access its authentication code on all your associated devices. And once a particular account has been linked, Authy can generate 2FA codes for it offline, just like the original Google Authenticator app.
You can also set a master password to prevent unauthorized users from accessing the Authy app. Unlike the backup password, you may set different master passwords for different Authy (Chrome, macOS, iOS or Android) apps that you use across different devices. Once master password is turned on for a particular Authy client (e.g., Chrome app, macOS app, etc.), you’d need to provide the master password every time you launch that client.
Although they have a dedicated Mac client for managing your two-factor keys (Windows version also coming soon), the Authy Chrome app looks and feels like an actual standalone app, and includes all of the product’s features. On the other hand, the Authy iOS app is TouchID enabled, which can be used to prevent unauthorized access to your two-factor keys. Likewise, the Android app also includes PIN or Fingerprint ID protection.
All the Authy apps are available to download for free from their official website.
Authenticator is a lightweight yet powerful Chrome extension that works with Google Authenticator supported services, and gives you the option to import or export your linked services on which Two-Factor-Authentication has been enabled. It can also sync data from your Google account if you have logged in.
Alternatively, you can add new online accounts to Authenticator, when you enable them for 2FA. This could be a manual entry, where you have to provide the Account Name and Secret Key, or you can automatically import the same details by selecting the image of the QR code provided by the particular service.
The extension lets you access the 2FA codes for your linked accounts by clicking on the extension icon next to Chrome’s address bar. There’s also the option to add a security passphrase to prevent unauthorized access to your token codes.
Authenticator is a free Chrome extension available on the Chrome Web Store.
GAuth Authenticator (Chrome)
GAuth is a simple Chrome extension that generates TOTP tokens by implementing HMAC-based OTP, and has been tested to work with the Google Authenticator service. Setting up GAuth is quite easy. But since it doesn’t have the ability to scan QR codes, you have to manually provide the Account Name and Secret Key for each account. Most services provide you the secret key in plaintext, along with the QR code. However, if the secret key is not available separately, you would have to decode the same from the provided QR code, using a QR code scanner on your smartphone. Once you have decoded the secret key, follow the steps below to add a 2FA account to GAuth Authenticator.
- Install GAuth Authenticator extension from Chrome Web Store.
- Launch the GAuth Authenticator on Chrome and click on the Edit icon on the top right corner.
- Click on the Add button below, and then enter the account or service name you want to link, and provide the secret key that you just decoded, in the second field.
- Click on the Add button again.
You should now be able to see TOTP codes getting generated for that particular account.
WinAuth (short for Windows Authenticator) is a portable, open source, RFC 6238 based HOTP code generator for Windows, compatible with Google Authenticator based 2FA services. It supports addition and display of multiple authenticators, each of which can be locked with a different password. Additionally, the data stays encrypted with an overall password, and locked to your Windows computer or account, or a YubiKey.
You can also import or export linked accounts in URI Key Format, and also import keys from Authenticator Plus for Android.
WinAuth can be downloaded for free from the official website.
Where to use Two-Factor-Authentication
Two-Factor-Authentication is a vital step in elevating the security of your online accounts. It is supported by various online services, including banking sectors, trading exchanges, cloud storage solutions and email services. Several gaming websites also implement Google’s Two-Factor Authentication as well.
Know of any other third party desktop clients for Google Authenticator? Let us know in the comments below.