The most common 2FA tools used by Android users are Authenticator, Authy, and some other alternatives which I don't know of. I have been privileged to use both Authenticator and Authy to an extent, and I can always stand for Google Authenticator because I used it until the last few hours of yesterday.
I didn't uninstall or stopped using it because of an issue. But, because I have only seen a better, easy to use, and a tool that gives me options to tweak how I want it to look.
In today's blog post, I will be introducing to you Aegis Authenticator; The best 2FA Android app. Yes! I meant what you read. Aegis Authenticator is a newcomer in the market. But, it's definitely my best 2FA tool, and you'll surely agree with me after reading this blog post.
One Quick Question For You:
Why Are You Using The Current 2Fa app On Your Device? Is it because it is hyped? Because you read it somewhere to use Authenticator because it's developed by Google? Or maybe You don't even have any 2FA app yet? And you're looking for one to use? Welcome to the article that will stop you from searching.
If your response is, Yes to the first two questions, or you have other reasons for using the current 2Fa app on your device? I'm reminding you at this juncture, that you're about to get introduced to the most user-friendly 2FA tool.
What Is Aegis Authenticator?
Aegis is an alternative to the two most used (Google Authenticator and Authy) and other factor authentication apps. It's an alternative in the sense that it helps to save TOTP (time-based OTP) and HOTP (HMAC based OTP) algorithms for different users accounts. But, it's far better than these so-called top authenticator apps. We'll be looking at its features in the next paragraph. Aegis is an open source project by Beemdevelopment. Your ideas are contributions are always welcomed.
This is the most interesting part of the project, as we are about to look at its unique features, while we leave the common ones. The unique features are the features it uses to surpass its competitors.
As we all know by now that any 2FA tool is aiming at improving the level of security it provides to its users. And I'm extremely glad about the way Beemdevelopment developed their app to solve the issues faced by their competitors.
Below are the features, or things you can do with Aegis.
- Encryption (AES-256)
- Password (scrypt
- Fingerprint (Android Keystore)
- Screen capture prevention
- Tap to reveal ability
- Scan QR code
- Enter details manually
- Import from files
- Custom or default icons
- Drag and drop
- Custom groups
- Advanced entry editing
- Import from apps (requires root):
- Google Authenticator
- Export (plaintext or encrypted)
- Light theme
- Dark theme
- Amoled / true dark theme
My personal View and experience
I just realized the great features I have been missing on Google authentication after I started using Aegis. Although, they both look alike, but believe me, the features advantages on Aegis are better.
Firstly, the feature I noticed during installation was surprising, as I was asked to enter a password before I could finish the app set up. I tried bypassing this stage, but it's not possible. After setting up the password, I was able to view the home screen.
I have been using Google Authenticator for years without feeling excited about how it looks. But, I felt as if I was on another planet with the way Aegis's home screen looks. It's clean, cool and attracting. This is how it looks like after installation.
There are different ways to add/encrypt a token on Aegis and isn't different from that of Google's. The options are the same. The fastest way to add a token is by scanning the codes with the QR code scanner. The other option is by adding the codes manually. I decided to use the manual option because I was looking for more differences between the two apps. And finally, I found the second difference. The images below show the manual interfaces to manually add a token to both apps.
I was able to tweak my token with the manual entry options on Aegis. Google Authenticator doesn't give users options to select the number of digits to be displayed, to select the type of algorithm to use, t choose the desired duration of time the token changes, or to set a group name of a token. Also, there's an option to upload a profile picture for your token, which is lacking also lacking on Google Authenticator's page.
The options mentioned above are easy and straight forward to use on Aegis. There isn't much difference between both screens. The images below show their similarities except that some of Aegis's tokens are longer, and there's is an option to sort the codes and a profile picture attached to each of the tokens.
As I have said in one of the paragraphs above, that Aegis improved the level of security it provides to its user when compared to that of Google's.
The developer provided an option to enable users to lock the app home screen. This option is not available on Google Authenticator. This means anyone with the aim to use the codes generated from Google authenticator can easily do that, which isn't possible with Aegis. Once the home screen is locked, it requires the default password entered during installing to unlock the vault.
During the process of entering a token manually, I was asked to give the token a group name. At first, I was wondering what type of option is this? But ended up realizing its another unique option. The name isn't compulsory, but it's always helpful to include a group name while setting up a profile. Aegis has a button on the home screen which users can use to sort tokens according to their group titles.
I found the grouping feature very useful. Because, I categorized my tokens according to the nature of their usage. For example, I grouped my banks token with the title Banks, while my trading platforms tokens were grouped with the title Exchanges. So, sorting the tokens one the home page according to their group titles will only display the token under that group. The introduction of the feature will further make the app home screen look neater, as it doesn't display the whole tokens at once.
Back to the security level of Aegis. As if the introduction of the home screen lock wasn't enough, the developer also added the fingerprint scanner. This feature will definitely be useful for everyone, as entering the password more often can be tiring.
I have been wondering why is Google still allowing users to take screen recording and screenshots on the Authenticator. Most of the latest privacy apps on my phone doesn't allow this action. I am glad Aegis didn't follow Google's step on this. There's an option to allow/disallow screen security from settings.
The last feature that proved how the security level has advanced, is the option on the settings page which allows users to hide tokens from displaying on the home page. After this option is enabled, the token can always be shown when tapped from the home screen.
This feature makes a lot of sense to me. The person next to me might be seeing my device screen, but won't be able to read the tokens.
Lastly, the most amazing part about Aegis is its compatibility level. Do you know that there's an option to import database from a file? Do you also know you can export your tokens as a database?
These are Additional features that are present in this newcomer app. The development of this app is way too standard than Google's Authenticator or other alternatives.
Are you a user of Google Authenticator, and you would love to switch Aegis but you're reluctant to type and scan your whole tokens again? Don't worry about it, because Aegis will be able to automatically import your tokens directly from Google Authenticator. Although, this feature requires root access.
The developers of this project are super active on Github and we'll be getting new updates soon. Version 0.2.2 was released 3days ago as of when I was making this post. There are also more updates coming in the next release. Some of which are;
- Russian translation update.
- Reduction of the text boxes.
- The inclusion of An option to back up to Google drive or other alternative drives.
Thank you for stopping by to read my blog. see you next time. Bye.