Q&A: Authentication apps can help thwart hackers

Dear Liz: I’ve heard that authentication apps are a better way to go than two-factor authentication that texts codes to your cell phone. Can you explain more?

Answer: Two-factor authentication adds an additional layer of security to financial, email, social media, cloud storage and other accounts. The first factor is something you know, which is a typically a password, and the second is something you have, such as a code that’s texted to you or generated by a device or authentication app.

The second factor is important, since passwords can be guessed or stolen in database breaches. Texted codes can be intercepted by hackers, so security experts recommend using an authenticator. Three popular apps are Google Authenticator, LastPass Authenticator and Microsoft Authenticator.

To use an authenticator, you must first enable two-factor authentication on the account you want to protect. Unfortunately, not every account provider offers two-factor authentication, although they should. You can find whether yours does at twofactorauth.org.

If the account provider supports authentication, you’ll typically be asked to take a snapshot of a QR code using the authenticator app to establish a connection between your account and the app. When you later log in to those sites, you’ll be asked to type in the code randomly generated by the app.

Any security approach can be thwarted, but the idea behind two-factor authentication is making your accounts hard enough to crack that most hackers will move on to an easier target.