How to set up a two-factor authentication app on your smartphone

2FA apps can be an easy way to improve your online security

Online security can be daunting, but it's an incredibly important thing many people have to manage.

With all the sites and online services people use on a daily basis, maintaining strong passwords and protecting yourself can be hard. Thankfully, there are some ways to bolster your security that aren’t terribly difficult to set up. Two-factor authentication, or 2FA, is one of them.

For those unfamiliar with 2FA, it’s a form of authentication that accompanies the use of passwords or other login credentials. The most common way people experience 2FA is when they log into a website and it sends a code to their phone via SMS.

While convenient, this version of 2FA isn’t as secure as other methods. Someone who spoofs your phone number could use this form of 2FA to get into an account. Meanwhile, hardware-based 2FA, such as through USB security keys, can be difficult to manage for some people — not to mention you have to purchase the hardware.

Software 2FA is an excellent middle ground that uses an application on your mobile phone to generate random 2FA codes once every 30 seconds. When you log in, you check the app and enter the current code for the service you’re trying to access. Then it confirms the code along with your other authentication, such as a password, and lets you in.

However, setting up this kind of 2FA can seem daunting, so here’s a breakdown of how to do it.

How to set up 2FA with an app on your smartphone

First things first — you’ll need a phone and an app to set up 2FA. There are plenty of options available, but some of the more well-known ones include Google Authenticator, Microsoft Authenticator and Authy. Further, some password manager services like Dashlane include built-in support for 2FA codes, while other services like Blizzard’s Battle.net use their own app for 2FA.

Personally, I’d recommend using something like Microsoft Authenticator, as it works quite well for all services, is simple to use and offers cloud backup, which makes it easy when switching phones. One caveat with this is the iOS app uses iCloud for the backup, so if you switch to an Android phone, you’ll have to manually reconnect your services. Plus, if you use any Microsoft services, its Authenticator app essentially removes the need for a password entirely.

Ultimately, use whichever platform you trust, as they all fundamentally work the same.

Once you’ve picked a platform and installed the app on your phone, you’ll have to start adding services. Many platforms offer support for 2FA. It’s best to start with services that are crucial, such as your email service or banking platform.

Not sure if the website you want to add supports 2FA? Resources like ‘twofactorauth.org’ and TeleSign’s ‘Turn It On’ can help you find sites that support it and provide specific step-by-step setup instructions for enabling 2FA with a service.

In most cases, it’s a matter of logging into a service, going to Settings and clicking on ‘Security.’ Usually, there’s a 2FA option, although some services like Google use a different name, such as 2-Step Verification.

When you find the option, setup usually involves using the smartphone app to capture a QR code provided by the service, although in some cases you may have to manually type in a secret key. Either way, this connects the app and service. Then, the service asks for an initial 2FA code. Type in the one provided by the app for that service, and that should finalize the process.

In the future when you sign into the service, you’ll need to have that app handy with the 2FA code.
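What the QR code or secret key sets up on both sides, as an added example that is not part of the original article. It assumes the app and service use the standard TOTP algorithm (RFC 6238 with HMAC-SHA1, 6 digits and a 30-second step); the function names and the demo secret are constructed for illustration.

```python
import base64, hashlib, hmac, struct, time

STEP = 30    # seconds each code is valid, matching the 30-second codes above
DIGITS = 6   # assumed code length (the common default)

def totp(secret_b32, at, step=STEP, digits=DIGITS):
    """Code shown by the app for the window containing Unix time `at`."""
    # A manually typed key may contain spaces or lower case; normalise and re-pad.
    cleaned = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(at) // step)        # window number, 8 bytes
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                          # dynamic truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret_b32, submitted, at, last_used_counter=-1, drift=1):
    """Service-side check: returns the matched window number, or None.

    Accepts +/- `drift` windows to tolerate phone clock skew and refuses any
    window at or before `last_used_counter`, so a captured code cannot be
    replayed. The caller stores the returned number as the new last-used value.
    """
    now_counter = int(at) // STEP
    for c in range(now_counter - drift, now_counter + drift + 1):
        if c < 0 or c <= last_used_counter:
            continue
        expected = totp(secret_b32, c * STEP)
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return c
    return None

# Constructed demo secret: the published RFC 6238 test key, Base32-encoded
# the way a service would display it for manual entry.
DEMO_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    now = time.time()
    code = totp(DEMO_SECRET, now)
    print("app shows:", code)
    print("service accepts window:", verify(DEMO_SECRET, code, now))
```

Because the code is derived only from the shared secret and the clock, anyone who obtains the QR code or secret key can generate valid codes, so treat it like a password.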

A bit of extra work for much more security

While setting up 2FA can take some effort, once it’s set up, you typically don’t have to worry about it anymore. As long as the app and service remain connected, you’ll be able to use the app’s randomly generated codes to log into the service.

Some online platforms will only ask for 2FA when the service has reason to believe users aren’t who they say they are. For example, Google tends to ask for a 2FA code when I sign in on a new device, but signing in on a familiar device doesn’t require 2FA.

It’s also worth noting that 2FA alone won’t make you invulnerable to hacking, but it does go a long way in making you more secure online. This is especially the case when coupled with a password manager and strong, unique passcodes.

Finally, since 2FA is connected to your smartphone, make sure you take the time to disconnect and reconnect 2FA services when upgrading to a new device. While some apps, like Microsoft Authenticator, make this easy through cloud backups, not all apps offer this service.