Microsoft Authenticator vs Google Authenticator | Microbyte

Microsoft Authenticator vs Google Authenticator

Microsoft Authenticator vs Google Authenticator

Our digital lives in 2024 are increasingly complex. Effective security is essential to ensure nothing nefarious occurs. Manual password entry creates the risk of ‘shoulder surfing’ or other surreptitious methods used to discover your security information.

Using two-factor authentication (2FA) or multi-factor authentication tools (MFA), such as Google Authenticator or Microsoft Authenticator mobile apps, substantially improves your protection. It is an additional security layer from a mobile device that verifies the user authentication process. In the UK, it is required for financial accounts and some online transactions.  

2FA codes use numerical time-based codes displayed on a mobile app. These codes get replaced every 30 seconds and must be entered, as shown, on the primary device. In combination with a traditional username and password combo, they confirm access to your unlocked smartphone at that moment. The codes cannot be discovered and subsequently used to access accounts. They protect your online life using a safer methodology than using passwords alone. 

Two of the most popular 2FA mobile apps are Google Authenticator and Microsoft Authenticator. This article considers their usefulness, security level, features, and other factors. 

Microsoft Authenticator

Overview and Key Features:

At a basic level, Microsoft Authenticator (iOS/Android) supports time-based codes just like the Google Authenticator app. However, it does not stop there. This app includes biometric fingerprint scans to gain access to your security codes. Push notifications and one-time passcode support are also available. Access to modern Microsoft Windows OS versions is supported via password-less sign-ins. The app also securely stores sensitive data like payment information, addresses, passwords, and a verified ID system supported by some websites. Additionally, all security information is securely backed up online on both Microsoft Cloud and Apple iCloud services.

Pros:

  • Feature-rich, yet clean mobile interface.
  • Supports adding Windows Personal, Work, and School accounts as well as other account types.
  • Stores authentication codes, payment card info, passwords, addresses, and IDs.
  • Secure authenticator app access via fingerprint scan or Face ID for an additional layer of security.
  • Streamlined site logins via auto-fill feature.
  • Number-matching prompt support verification; to be shown on one device and entered on another. 
  • Storing data in the cloud allows for safe backup and easy recovery in case of phone loss or theft.

Cons:

  • Slightly more complicated on-screen interface because of a broader range of features.
  • Requires access to a Microsoft account to make use of all features.
  • Some users mistakenly think the app is only for Microsoft access; it can be used for other websites and software, too.

Google Authenticator

Overview and Key Features:

Unlike Microsoft’s offering, Google Authenticator (iOS/Android) maintains a simpler, no-fuss approach to two-factor authentication. This has contributed to its wide adoption. New addition requests are achieved either by scanning a QR code or entering a setup key. The account originator provides these, be it a banking institution, app, etc. Once set up, the counter-based or time-based code is shown. This changes every 30 seconds. 

The app lacks the multitude of security features present in the Microsoft Authenticator app, such as Face ID or fingerprint app unlocking. However, the much-needed ability to transfer accounts was recently introduced.

Pros:

  • Uncluttered user interface resulting in easier adoption for first-time users.
  • Zero data collection during use.
  • Number-matching prompt support across multiple devices.
  • Migrate accounts using a QR code via the Import/Export feature between mobile devices.

 

Cons:

  • No app-level security to hide time-based codes until after app unlocking.
  • No backup and restore feature.
  • Lacks one-time password (OTP) support.
  • No auto-fill capability.
  • Lacks features such as passwords, addresses, verified IDs, and payment card storage (despite a Google account being able to store payment information).

Head-to-Head Comparison

Authentication Methods:

Microsoft Authenticator provides time-based one-time codes and supports push notifications to authorise sign-in requests. For supported devices, codes auto-fill when using biometric authentication (Face ID or fingerprint scan). Biometrics also secures access to their authenticator app.

By contrast, the Google Authenticator sticks to its core function. Time-based codes via a 30-second refresh and counter-based codes are offered by default. A newer push notification feature supports number-matching prompts between devices.

Security Features:

Microsoft Authenticator is no sloth with security features. Along with time-based codes, it stores passwords for future logins. Additional ones are accessible from Google Chrome, or password managers such as Dashlane and 1Password in Google Android or another OS. Storing addresses, payment information, and verified IDs, help to speed up access for online shopping and other activities. 

The app makes use of the Azure Active Directory system and OneDrive for advanced corporate system support. Essentially, the app aims to be an all-in-one tool rather than a one-trick pony. 

Google Authenticator, on the other hand, remains steadfast in supporting a time-based 6-digit code to assist with logins. There is no autofill support to make that smoother. 

User Experience:

Microsoft Authenticator uses a familiar bottom toolbar to select between Authenticator, Passwords, Payments, Addresses, and Verified IDs. The primary interface is kept simple, but changes reflect the selected feature. It requires extra time to learn.

The interface for the Google Authenticator is elegant. Not so much because of the UI design, but as a direct consequence of the limited feature set.

Additional Features:

Microsoft Authenticator’s support for password management is convenient. Several other password manager apps limit free accounts to one device at a time. Potentially, this could result in maintaining one less paid subscription. For websites and supported devices, stored payment and address information eases checkout woes. The Verified ID feature is a welcome addition, where supported, for new sign-ups. It also syncs with the Microsoft Edge browser, which is handy.

Google Authenticator recently added a transfer account feature, making device changeovers easier. They also added support for number-matching prompts, making on-the-go authentications faster.

Microsoft Authenticator vs Google Authenticator
Microsoft Authenticator vs Google Authenticator

Ideal Use Cases

Microsoft Authenticator:

The Microsoft Authenticator is especially useful when using a Microsoft OS or online Microsoft sites/services. The auto-fill capabilities and streamlined authentication processes are a pleasure to use.

Offering a broader suite of security features, it is the Swiss Army knife of authentication apps. While individuals can simply use the 2FA time-based codes and nothing else, it is capable of so much more. This MFA app is a far better option, in a corporate setting, with a somewhat steeper learning curve.

Google Authenticator:

The Google Authenticator app is fast, simple, and uncomplicated. This app will get the job done if you are looking for a basic and free authenticator solution for improved security. 

It works seamlessly across many websites, not just ones within the Google eco-system.

Conclusion

For basic time-based codes and numerical prompts, Google Authenticator works fine. It lacks app-level security for temporarily unlocked devices. It will not store passwords, addresses, payment cards, or other niceties. Yet, to quote a classic UK TV advert, ‘It does what it says on the tin’.

However, individuals or companies requiring a robust MFA security solution would do better to look toward the Microsoft Authenticator. It is more secure, feature-rich, and designed to work within the Microsoft ecosystem.

Lastly, with integrators, it is important to consider your unique security requirements. You may discover that Google’s authenticator app is sufficient for your needs or that the Microsoft app is too complicated. Why not download both apps, install them, and give them a whirl? Microbyte would love to hear about your experiences.

Similar blogs

Why is IT support in Dubai so bad?

Why is IT Support in Dubai so bad?

With its impressive skyline, reputation for innovation and being at the forefront of tourism and international business, Dubai seems like the kind of place to have some of the best IT support in the world. Internationally connected and popular with businesses that are increasingly reliant on technology, the city is a tax-free, global expat dream….

Read More

Avatar photo

What is a Disaster Recovery Policy?

Recovering from a disaster requires proper planning. As the cliché goes, ‘Failing to plan is planning to fail’- a truism appropriate for incident responses in a business environment.  When critical business operations are under attack, having a disaster recovery policy is essential to establish the correct response. As a high-level strategic document, the policy informs…

Read More

Avatar photo

What is an IT Security Policy

What is an IT Security Policy

An IT security policy confirms the specific rules and correct procedures governing how employees and other parties may use the company’s IT resources. This type of policy details both what is expected and what actions are not allowed. Policies detail acceptable uses of IT technologies, controls limiting user access, accepted procedures, and the consequences for…

Read More

Avatar photo

A Guide to Responsible IT Asset Disposition

A Guide to Responsible IT Asset Disposition

IT asset acquisition requires careful consideration and post-purchase implementation. IT asset disposition (known as ITAD) involves the full lifecycle of an asset while owned by the business.   Every IT asset has a lifecycle. A home user might use a laptop for 4 – 5 years, but most companies expect a shorter lifespan. The equipment must…

Read More

Avatar photo

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

Having a reliable and efficient IT infrastructure is a huge asset to any business. Being able to rely on your technology and having professional support when you need it can set you ahead of the competition. As companies grow increasingly reliant on technology, Managed IT Service Providers (MSPs) offer an affordable, practical and efficient way…

Read More

Avatar photo

BAU IT Support

Business As Usual (BAU) IT Support

Business as usual (BAU) support represents regular work tasks within an IT department. They reflect tasks that key IT personnel perform to maintain technology systems with minimal potential disruption to business operations. BAU tasks may include routine tasks such as infrastructure management, network monitoring, software patching, hardware driver updates, and other responsibilities. Troubleshooting – working…

Read More

Avatar photo