Microsoft Authenticator vs Google Authenticator | Microbyte (2024)

Microsoft Authenticator vs Google Authenticator | Microbyte (1)

Our digital lives in 2024 are increasingly complex. Effective security is essential to ensure nothing nefarious occurs. Manual password entry creates the risk of ‘shoulder surfing’ or other surreptitious methods used to discover your security information.

Using two-factor authentication (2FA) or multi-factor authentication tools (MFA), such as Google Authenticator or Microsoft Authenticator mobile apps, substantially improves your protection. It is an additional security layer from a mobile device that verifies the user authentication process. In the UK, it is required for financial accounts and some online transactions.

2FA codes use numerical time-based codes displayed on a mobile app. These codes get replaced every 30 seconds and must be entered, as shown, on the primary device. In combination with a traditional username and password combo, they confirm access to your unlocked smartphone at that moment. The codes cannot be discovered and subsequently used to access accounts. They protect your online life using a safer methodology than using passwords alone.

Two of the most popular 2FA mobile apps are Google Authenticator and Microsoft Authenticator. This article considers their usefulness, security level, features, and other factors.

Microsoft Authenticator

Overview and Key Features:

At a basic level, Microsoft Authenticator (iOS/Android) supports time-based codes just like the Google Authenticator app. However, it does not stop there. This app includes biometric fingerprint scans to gain access to your security codes. Push notifications and one-time passcode support are also available. Access to modern Microsoft Windows OS versions is supported via password-less sign-ins. The app also securely stores sensitive data like payment information, addresses, passwords, and a verified ID system supported by some websites. Additionally, all security information is securely backed up online on both Microsoft Cloud and Apple iCloud services.

Pros:

  • Feature-rich, yet clean mobile interface.
  • Supports adding Windows Personal, Work, and School accounts as well as other account types.
  • Stores authentication codes, payment card info, passwords, addresses, and IDs.
  • Secure authenticator app access via fingerprint scan or Face ID for an additional layer of security.
  • Streamlined site logins via auto-fill feature.
  • Number-matching prompt support verification; to be shown on one device and entered on another.
  • Storing data in the cloud allows for safe backup and easy recovery in case of phone loss or theft.

Cons:

  • Slightly more complicated on-screen interface because of a broader range of features.
  • Requires access to a Microsoft account to make use of all features.
  • Some users mistakenly think the app is only for Microsoft access; it can be used for other websites and software, too.

Google Authenticator

Overview and Key Features:

Unlike Microsoft’s offering, Google Authenticator (iOS/Android) maintains a simpler, no-fuss approach to two-factor authentication. This has contributed to its wide adoption. New addition requests are achieved either by scanning a QR code or entering a setup key. The account originator provides these, be it a banking institution, app, etc. Once set up, the counter-based or time-based code is shown. This changes every 30 seconds.

The app lacks the multitude of security features present in the Microsoft Authenticator app, such as Face ID or fingerprint app unlocking. However, the much-needed ability to transfer accounts was recently introduced.

Pros:

  • Uncluttered user interface resulting in easier adoption for first-time users.
  • Zero data collection during use.
  • Number-matching prompt support across multiple devices.
  • Migrate accounts using a QR code via the Import/Export feature between mobile devices.

Cons:

  • No app-level security to hide time-based codes until after app unlocking.
  • No backup and restore feature.
  • Lacks one-time password (OTP) support.
  • No auto-fill capability.
  • Lacks features such as passwords, addresses, verified IDs, and payment card storage (despite a Google account being able to store payment information).

Head-to-Head Comparison

Authentication Methods:

Microsoft Authenticator provides time-based one-time codes and supports push notifications to authorise sign-in requests. For supported devices, codes auto-fill when using biometric authentication (Face ID or fingerprint scan). Biometrics also secures access to their authenticator app.

By contrast, the Google Authenticator sticks to its core function. Time-based codes via a 30-second refresh and counter-based codes are offered by default. A newer push notification feature supports number-matching prompts between devices.

Security Features:

Microsoft Authenticator is no sloth with security features. Along with time-based codes, it stores passwords for future logins. Additional ones are accessible from Google Chrome, or password managers such as Dashlane and 1Password in Google Android or another OS. Storing addresses, payment information, and verified IDs, help to speed up access for online shopping and other activities.

The app makes use of the Azure Active Directory system and OneDrive for advanced corporate system support. Essentially, the app aims to be an all-in-one tool rather than a one-trick pony.

Google Authenticator, on the other hand, remains steadfast in supporting a time-based 6-digit code to assist with logins. There is no autofill support to make that smoother.

User Experience:

Microsoft Authenticator uses a familiar bottom toolbar to select between Authenticator, Passwords, Payments, Addresses, and Verified IDs. The primary interface is kept simple, but changes reflect the selected feature. It requires extra time to learn.

The interface for the Google Authenticator is elegant. Not so much because of the UI design, but as a direct consequence of the limited feature set.

Additional Features:

Microsoft Authenticator’s support for password management is convenient. Several other password manager apps limit free accounts to one device at a time. Potentially, this could result in maintaining one less paid subscription. For websites and supported devices, stored payment and address information eases checkout woes. The Verified ID feature is a welcome addition, where supported, for new sign-ups. It also syncs with the Microsoft Edge browser, which is handy.

Google Authenticator recently added a transfer account feature, making device changeovers easier. They also added support for number-matching prompts, making on-the-go authentications faster.

Ideal Use Cases

Microsoft Authenticator:

The Microsoft Authenticator is especially useful when using a Microsoft OS or online Microsoft sites/services. The auto-fill capabilities and streamlined authentication processes are a pleasure to use.

Offering a broader suite of security features, it is the Swiss Army knife of authentication apps. While individuals can simply use the 2FA time-based codes and nothing else, it is capable of so much more. This MFA app is a far better option, in a corporate setting, with a somewhat steeper learning curve.

Google Authenticator:

The Google Authenticator app is fast, simple, and uncomplicated. This app will get the job done if you are looking for a basic and free authenticator solution for improved security.

It works seamlessly across many websites, not just ones within the Google eco-system.

Conclusion

For basic time-based codes and numerical prompts, Google Authenticator works fine. It lacks app-level security for temporarily unlocked devices. It will not store passwords, addresses, payment cards, or other niceties. Yet, to quote a classic UK TV advert, ‘It does what it says on the tin’.

However, individuals or companies requiring a robust MFA security solution would do better to look toward the Microsoft Authenticator. It is more secure, feature-rich, and designed to work within the Microsoft ecosystem.

Lastly, with integrators, it is important to consider your unique security requirements. You may discover that Google’s authenticator app is sufficient for your needs or that the Microsoft app is too complicated. Why not download both apps, install them, and give them a whirl? Microbyte would love to hear about your experiences.

Microsoft Authenticator vs Google Authenticator | Microbyte (2024)

FAQs

Microsoft Authenticator vs Google Authenticator | Microbyte? ›

Unlike Microsoft's offering, Google Authenticator (iOS/Android) maintains a simpler, no-fuss approach to two-factor authentication. This has contributed to its wide adoption. New addition requests are achieved either by scanning a QR code or entering a setup key.

Why is Google Authenticator better? ›

Google Authenticator has long been a go-to because it's simple and reliable. There are also some unique and valuable features, such as the option to export your account information securely using just a QR code. It also allows you to use a Google Account to back up your logins.

What is the disadvantage of Google Authenticator? ›

The fundamental problem is that, the QR-code that is shown to you on screen, is the very private key of your Google Authenticator set up. If that QR-code is snatched, any person on earth can generate your one time passwords without you even knowing. It's a fake sense of security you can't trust.

What is the better Authenticator app than Google? ›

Microsoft Authenticator: Best for a 'big-name' option

Available for both Android and iOS, Microsoft Authenticator offers a similar experience to Google's, working with both Microsoft and non-Microsoft accounts. No passwords are required. Accounts are accessible using a PIN code, fingerprint, or face recognition.

Is Microsoft Authenticator app more secure? ›

Strong authentication is needed by Authenticator app : Signing into Authenticator requires a second step. This means that your passwords inside Authenticator app are protected even if someone has your Microsoft account password.

Should I use Google or Microsoft Authenticator? ›

However, individuals or companies requiring a robust MFA security solution would do better to look toward the Microsoft Authenticator. It is more secure, feature-rich, and designed to work within the Microsoft ecosystem.

What is the best authenticator app to use? ›

The Top 5 Free Authenticator Apps Include:
  1. Apple Passkeys.
  2. Duo Mobile.
  3. Google Authenticator.
  4. Microsoft Authenticator.
  5. Twilio Authy.

Can I use Google Authenticator for a Microsoft account? ›

The Google Authenticator app generates time-based one-time passwords (TOTP) that can be used with the user's password to grant secure access to their Microsoft 365 account.

What is the security flaw in Google Authenticator? ›

A Google Authenticator vulnerability that allowed the programme to keep sensitive user data in the cloud was recently brought to light by Retool. According to Snir Kodesh, Retool's head of engineering: The fact that Google Authenticator syncs to the cloud is a novel attack vector.

Can hackers get through Google Authenticator? ›

In fact, authenticator apps don't even need internet access to perform their main function. All that a hacker can theoretically get is the actual one-time code that the system generates for you to enter. And this code is valid for just half a minute or so.

Which is the strongest 2FA method? ›

Hardware security keys like YubiKey provide the most secure form of two-factor authentication. Unlike SMS or authenticator apps which can be phished, hardware keys offer phishing resistant authentication by requiring physical possession of the key.

Which authentication is better? ›

More Secure: Biometrics. Biometric authentication methods rely on something you are. That makes them hard to steal, difficult to misplace or share, and impossible to forget. Users are comfortable with them, and they increasingly come built-in on our devices.

Is Microsoft Authenticator safe? ›

The authenticator app is a secure and convenient way to prove who you are. You can use the Authenticator app as a way to sign in if you forget your password. You can use the app to back up and restore all your other account credentials.

What is the disadvantage of the authenticator app? ›

Since the verification codes are generated within the app and not sent via text message, attackers cannot easily intercept them. However, there are some drawbacks to using authenticator apps. One of the main concerns is the risk of losing access to accounts if a user loses their device or accidentally deletes the app.

Do I really need the Microsoft Authenticator app? ›

Depending on your organization's settings, you might be able to use an authentication app as one of your security info methods. You aren't required to use the Microsoft Authenticator app, and you can choose a different app during the set up process.

Can Microsoft Authenticator track my phone? ›

The Microsoft authenticator does not track you and it does not log location data.

What are the benefits of Google authentication? ›

The safer way to sign in to all of your online accounts.
  • Simple and secure sign in, without passwords. ...
  • Effortless sign in across all your devices. ...
  • Next-generation account security.

What are the benefits of the Authenticator app? ›

The authenticator app is a secure and convenient way to prove who you are. You can use the Authenticator app as a way to sign in if you forget your password. You can use the app to back up and restore all your other account credentials.

Why are Authenticator apps more secure? ›

Authenticator apps generate 2FA codes locally on a device, rather than sending them unencrypted over text message. The 2FA codes in authenticator apps also change every 30 to 60 seconds, which makes them difficult for cybercriminals to steal. SMS authentication sends 2FA codes unencrypted over text message.

What should I use Google Authenticator for? ›

Google Authenticator is particularly useful with mobile tablets/phones with a cellular or Internet connection. In the event of a lost or disconnected mobile device, Google Authenticator also provides a list of non-expiring backup codes (during the initial configuration) that can be used.

References

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Tyson Zemlak

Last Updated:

Views: 6141

Rating: 4.2 / 5 (63 voted)

Reviews: 86% of readers found this page helpful

Author information

Name: Tyson Zemlak

Birthday: 1992-03-17

Address: Apt. 662 96191 Quigley Dam, Kubview, MA 42013

Phone: +441678032891

Job: Community-Services Orchestrator

Hobby: Coffee roasting, Calligraphy, Metalworking, Fashion, Vehicle restoration, Shopping, Photography

Introduction: My name is Tyson Zemlak, I am a excited, light, sparkling, super, open, fair, magnificent person who loves writing and wants to share my knowledge and understanding with you.