Using MS Authenticator and Google Authenticator on Older Devices

Sydneyswans on 12/04/2023 - 20:54
Last edited 12/04/2023 - 21:41 by 1 other user

Can I get your advice on this one.

I work with a lot of let's just say "less tech savvy" clients in my day job however with the Optus, Latitude and Medibank hacks and multi factor identification the new norm, all clients are now required to have either minimum android 8 or iOS 14 on a mobile device so they can access okta verify or Google authenticator to log into online services. I was just wondering if you knew of a workaround for older devices. I'm aware you can use authenticators via desktop or laptop.

• 

  yippy on 12/04/2023 - 21:34

  +5

  Aegis on Android needs 5.0 and up. Much better than Google Authenticator.

  • 

    freefall101 on 13/04/2023 - 10:55

    Raivo is similar for iOS, not open source (sadly) but is a lot more user friendly and easier to switch devices (unlikely Google Auth, which is a massive nightmare to migrate away from).

• 

  Twix on 12/04/2023 - 21:36

  I would move them all off Google Authenticator. Google doesn't have a built-in cloud backup. If their phone is lost, stolen or broken they can get locked out of accounts if they don't setup a recovery method such as one-time offline account recovery codes. You can only transfer the accounts in Google Authenticator between multiple working devices.

  • 

    87percent on 13/04/2023 - 07:52

    -1

    I always thought 2FA shouldn’t be in the cloud??

    • 

      Twix on 13/04/2023 - 11:34

      That is what Google says. Microsoft, Bitwarden, Authy and so on all give you the option of a cloud backup. If you are going to use Google Authenticator you want it on at least two devices and check your account recovery methods are up to date.

• 

  7ekn00 on 12/04/2023 - 21:43

  +2

  Get them on to Authy, runs on devices and PCs with shared codes across them all so you always have access to it somewhere!

  • 

    tomclancy on 12/04/2023 - 22:51

    Another vote for Authy

    • 

      chartparker on 13/04/2023 - 11:09

      And another

• 

  CyberMurning on 12/04/2023 - 22:10

  +2

  omg do NOT use google authen. full stop. see above

• 

  Sydneyswans on 12/04/2023 - 23:39

  I just tested Authy with no issues but our company's documentation all makes reference to Google Authenticator and Okta Verify but at least we know it works.

  • 

    yoquierotaco on 13/04/2023 - 00:26

    +4

    They both work the same, take a 2FA token to generate a time-dependent 6-digit code. Anywhere Google Authenticator is accepted, Authy also works (same for 1Password and Bitwarden)

  • 

    Twix on 13/04/2023 - 11:40

    I hope there is a account recovery section in the doc. You don't want clients to get locked out of their accounts because of Google Authenticator.

• 

  yoquierotaco on 13/04/2023 - 00:19

  unlikely to work on older devices, but you can save and use MFA on passwords managers like 1Password and Bitwarden (not free version)

  • 

    nuker on 13/04/2023 - 12:05

    And KeepassXC and iCloud Keychain, both free.