This is my favorite cross-platform 2FA app, and you should it try too

When a sizeable chunk of online attacks involves weak passwords and unauthorized account access, second-factor authentication (2FA) is one of those magic bullets that can save your digital life from getting compromised. But they’re only usable if they don’t become an inconvenience themselves.

Inconvenient — that’s exactly what a lot of 2FA apps have been for me. Some wanted to lock me down to their app, some had themselves been compromised, while others weren’t available on all the platforms I use. So, I was just jumping from one app to another whenever one started to trouble me enough.

My hunt has finally come to a rest, thanks to this 2FA app, Ente Auth, which I think is (almost) perfect. One that my inner tech support guy is going to recommend to my family without thinking twice. And I figured I’d bring it up with you guys too — not to sound cheesy, but you’re family too.

I’ve never been a fan of the one-time password (TOTP) feature being built into password managers (like 1Password or Apple Passwords). That defeats the very purpose of “second” factor authentication by putting everything in the same app for the sake of convenience. While the password managers I’ve used — Enpass and Bitwarden — do have the option to link TOTPs to each of my saved credentials, I consciously decided to use a separate 2FA app.

Like every single person who’s felt the need for extra digital protection, I started off with Google Authenticator. As with several things Google, Authenticator is basic but still a solid place to start. It’s better than not using two-factor authentication at all. However, back in the day, it worked offline, so moving between devices became particularly difficult, especially for someone like me who needs to do that often. And it felt deprived of features compared to what the competition offered.

I went on a spree to de-Google my everyday apps a few years ago, and that’s when I found Aegis — a solid, open-source alternative to Google Authenticator. It had a clean interface and gave me the peace of mind of being completely local. But it still felt cumbersome when it came to cross-platform use. I had to manually move backups, and when I tried to switch to the iPhone 16 Pro Max last year, I learned that Aegis doesn’t offer an iOS app.

It was time to find another app. My search ended with Ente Auth — the 2FA app from the same folks behind Ente Photos, a privacy-first Google Photos alternative without the big tech tracking that my colleague Rob loved. When I came across it, I immediately started looking for a catch, because how can an app be such an all-rounder and still fly under the radar? And I instantly regretted not discovering it earlier.

Ente is the best of both worlds

It’s only now that I realize how actively involved I was in making Aegis work, especially with the lack of a proper sync feature. Meanwhile, Authy was out of the question due to its data breach last year, and Google Authenticator is, well, still Google Authenticator.

Ente Auth truly offered me the best of both worlds. It was super easy to import my codes from Aegis — I was actually worried about needing to manually set up 2FA on all my hundred accounts if the transfer didn’t work as expected. But thankfully, the process couldn’t have been smoother. I got started within minutes!

But more importantly, Ente Auth is a breeze to use. I don’t have to worry about taking a backup every few weeks and manually uploading the latest to the cloud just so that everything stays up to date. The app takes care of it with real-time sync — something that works as smoothly as Google Drive syncing your files everywhere. And if you’re wondering, these backups are entirely end-to-end encrypted. More importantly, Ente Auth is open source, with independent audits proving its security — a critical brownie point for an app handling such critical data.

What I still haven’t gotten used to is that I can access my codes anywhere. With 2FA apps, I’m conditioned to picking up my phone to copy the code or manually type it on my desktop. But every time I’m on my Mac and need to open Ente, I’m reminded that I can use the desktop app too. It’s that much easier when you need to punch in those ephemeral codes 10 times a day.

Ente Auth is overall a well-regarded app, and I can vouch for that general sentiment with my own experience. However, it still frustrates me at times. For instance, despite using it for close to a year now, I have no clue what the quick gesture to directly copy the TOTP is. Is it a single tap, a double tap like Aegis, or a long press? I know all of these do something, but I don’t know what does what. So, on most days, I end up trying all three and hoping it’s picked up the code.

While that’s on me (only partially, okay?), I feel Ente needs to up its own security — especially since it relies on an email-password combo to sync your data. A solid way to do that would be letting users secure their account with a physical YubiKey for an ironclad vault. But maybe that’s something for another day.

If you want to start using two-factor authentication (yay, welcome to the safer side of the internet!) or are looking for an alternative to your current setup, Ente Auth would be my top recommendation. It doesn’t have any more of a learning curve than Google Authenticator and syncs your codes in perhaps the most secure way known to the internet, at least on the consumer side.

For a solid strategy to keep your accounts safe from prying eyes, just use a reliable password manager to generate strong and lengthy passwords, pair it with Ente Auth (or whatever 2FA strikes your fancy), and you’ll be good to go. That’s pretty much all most of us need — because digital safety shouldn’t feel like a chore.