RCDevs' OpenOTP Token vs Google Authenticator

RCDevs’ OpenOTP Token App vs Google Authenticator

Industry Insight

RCDevs’ OpenOTP Token App vs Google Authenticator

RCDevs’ OpenOTP Token App and Google Authenticator both provide OTPs (One Time Passwords) for Multi-Factor Authentication (MFA), for your servers and accounts. A time-dependent multi-digit code is generated, which is entered when prompted, once you have submitted your username and password.

Google Authenticator is a very popular app and it is compatible with OpenOTP Security Suite. However, there are some important security and useful features that are missing in Google Authenticator.

 Let us compare RCDevs’ OpenOTP Token App vs Google Authenticator:

1. Push Notification

A push notification allows you to accept or deny an Authentication Request on your mobile phone. It is a more secure (being a transaction on your phone requiring an action on your part), elegant and user-friendly way to authenticate. When used with OpenOTP Security Suite, the user can receive Push notifications instead of having to enter a 6 digit code every time they log in. Google Authenticator has no push notification capability.

2. Phishing Protection

Phishing attacks are the most notorious and costly cyberattacks and they come in many shapes and forms.

OpenOTP Token App, when used with OpenOTP Security Suite, offers optional phishing protection. It compares your mobile phone location vs the IP address of where the push is originating from. If they do not match, an alert screen (see below) will be displayed on your phone, alerting you of a possible phishing attack. It could be that your VPN is routing through a different location, in which case you can approve the request and log in. However, if you did not request this log in, you can safely deny the request, preventing an intruder and a possible phishing attack.

This feature is not available when using Google Authenticator with OpenOTP Security Suite.

Phishing Protection

3. Voice Biometrics Authentication

Voice biometrics authentication is another OTP method, offered with OpenOTP Security Suite, using a person’s voice as a unique identifying biological characteristic in order to authenticate them. RCDevs’ voice biometrics authentication provides a unique combination of very high security and a natural user experience that works across all channels for 2FA.

If your computer does not have a microphone, OpenOTP Token App can be used as a microphone to authenticate. This is not a possibility using Google Authenticator.

4. Spoken OTP

RCDevs’ OpenOTP Token App can read the OTP out loud as an option. This is a great option for some users, making entering codes easier. When using Google Authenticator, this option is not available.

5. An extra layer of protection

With RCDevs’ OpenOTP Token you can add an extra layer of security to your app with biometric protection and/or pin code. Currently, this feature is only available in the iOS version of Google Authenticator, but not in their Android app.

Using Google Authenticator prevents Android users from having this essential security feature.

Moreover, the OpenOTP Token App provides the most secure enrollment procedure: the QR code is only used to initiate the procedure – which ends in RCDevs’ servers – and this QR code does not contain the cryptographic key, to prevent hacking thereafter.

How to move from Google Authenticator to OpenOTP Token App?

RCDevs’ OpenOTP Token App and Google Authenticator both work on OATH Event-based (HOTP) & Time-based (TOTP). You can use OpenOTP Token just the same way you use Google Authenticator.

Just download the free OpenOTP Token App (iOS and Android) and scan QR Codes when prompted by third party services or applications. Use tokens when needed. 

It’s that simple!

When choosing your software token app, make sure you weigh all the pros and cons, especially when both are free!