This article covers a free two-factor authentication open-source alternative to Google Authenticator. Google Authenticator is an authentication app that generates a code on your phone which you need to login for 2-step verification. If you don’t already know how to use Google Authentication, you can check out our article on that here.
andOTP – Android OTP Authenticator is similar two-factor authentication app which does the same thing. Unlike Google Authenticator, this app is open-source and available for Android only at the moment. It implements Time-based One-time Passwords (TOTP) and HMAC-Based One-Time Passwords (HOTP) for verification. The HOTP method is currently in beta phase. You can either scan a code to add two-factor authentication to this app or set it up manually. In manual mode, you get to define the OTP type, label, server, tags, refresh period, and encryption type.
Since this app doesn’t use an account to sync data, it saves it locally on your phone and allows you to take a backup or import existing backup. For data security, it encrypts the backup storage either by Android KeyStore or Password/PIN. On top of that, you can also protect this app from unauthorized use either by adding a PIN or biometric lock.
Two-Factor Authentication Open Source Alternative to Google Authenticator
Setting up this app for two-factor authentication is fairly simple and easy. Basically, you have to open the service where you wanna use it and scan the QR code to add it as a two-factor authenticator. Different services have either same or slightly different procedure to add an authenticator app for two-factor authentication. Here, I’m gonna show you the setup process for Google account. You can use the same for any other service.
How to Setup andOTP for Two-Factor Authentication?
To setup andOTP and an authenticator app for your Google account first, you have to enable the 2-step verification option. Go to the Security options of Google account and enable the two-step verification. Do note that, in order to add an authentication method to your account you first have to complete the phone number based SMS/voice setup. It sends you an OTP on your phone and enables the SMS/Call based verification.
Once the SMS/Voice method is set up, you can access the other alternative and set up them to replace the SMS/Voice method. To do that, go to the 2-Step Verification section again. This time, it shows you a list of alternative options that you can use for verification.
Scroll down to the list to find an Authenticator app option and click SETUP to configure it. When you do that, it prompts a window on your screen asking whether you use an Android phone or iPhone. In this particular case, select Android and click the Next button.
The next step shows you a QR code which you can scan to add an authenticator app to your account. At this point, open the andOTP app on your phone and select the Scan QR Code option by tapping on the + icon.
Doing this will connect your Google account 2-step verification with this app. Now, whenever you log in to your Google account, you have to enter the code generated by this app along with the password in order to log successful.
Similarly, you can configure this app with other services and set up two-factor authentication. Apart from scanning the QR code, you also manually add a service by defining type (TOTP/HOTP), label, server, tags, time period, digit, and encryption algorithms.
Get andOTP app for Android here.
andOTP is a useful two-factor authentication app that you can set up for almost any service that supports the authentication app for user verification. It doesn’t send your data to cloud or server instead it saves it locally on your phone in encrypted form. On top that, it’s open-source which makes it a perfect choice for those who are concern about their data privacy.