We all know the strong competition between Microsoft and Google and how ruthless it is at times. Because of it, Google has chosen not to develop Windows Phone apps for most of its services. Therefore, the Google Authenticator app that's requested by many services for two-step verification is missing from Windows Phone. Since two-step verification is a very common method for securing all kinds of accounts, being able to use a Google Authenticator clone on Windows Phone is very important. Fortunately for us Windows Phone users, Microsoft has our backs and they have developed their own Authenticator app and published it for free. Here's how it works:
Why So Many Websites & Services Ask You to Install the Google Authenticator App?
Because Google was one of the first big tech companies to implement two-step verification for their customer's accounts. They also developed a Google Authenticator app that's available on almost all mobile platforms except those developed by Microsoft. Since Android is so huge in terms of market share, the Google Authenticator app has become a standard in people's minds and everyone recommends that you use it.
Technically speaking, there's nothing special about this app because it uses a documented standard for two-step authentication: the Time-based One-time Password Algorithm (TOTP). Therefore anyone can make an app using the same algorithm.
According to this standard, the Authenticator app provides a random six digits one-time password that you enter in addition to your username and password, to log in to all kinds of services, including Google's and Microsoft's services. This six digits password is valid for 30 seconds. If an attacker steals it then, within 30 seconds, it will be useless. This is great from a security perspective.
When a website mentions using a Google Authenticator app, don't despair. You don't really need Google's app, only an app that uses the same algorithm to generate passwords.
Where to Find Microsoft's Authenticator App
On the Windows Phone Store, if you search for Google Authenticator, you will find lots of apps made by different developers and companies. Some of them are not even free. Most probably they work just as well, because they use the same standard as Google does but why use them if you have a free app, developed and actively maintained by Microsoft?
In the Windows Phone Store, search for Authenticator and tap the app made by Microsoft Corporation. You will find it here: Authenticator.
Install it and start it up.
How to Use the Microsoft Authenticator App
The first time you use the app, there are no accounts created. To set up a new account, tap the add (+) button.
You are asked to enter the account name and the secret key provided by the service for which you are enabling two-step verification. You can type these values, if they are provided to you.
However, the most common method for enabling two-step verification involves scanning a QR code. To scan it, tap the camera icon on the bottom (named scan) and wait for Windows Phone to prepare the camera.
Position the phone so that the barcode is visible on the camera and Windows Phone will scan it immediately.
If the scan was performed successfully, you are shown the account name proposed by the app for the service where you just enabled two-step verification. The name starts with the name of the company providing the service, followed by the email address associated with that service. This name is editable and you can change it with any value you wish to use.
Then, press the save button.
You are back to the main screen of the Authenticator app where you can see the newly added account and the 30-seconds password generated for it. Enter it when requested by the service for which you enabled two-step verification.
You can also copy the password to the clipboard and paste it inside another Windows Phone app where you need to use it. Simply press and hold the account you are interested in. A contextual menu is shown with only one option: copy to clipboard. Tap on it, switch to the app where you need to use the password (if you need any help with that, read this article: Windows Phone: How to Switch Between Apps Like With Alt-Tab in Windows) and paste the password before its 30-seconds of validity expire.
To add new accounts to the Authenticator app, tap add and follow the same steps described above.
How to Edit or Delete Accounts in the Microsoft Authenticator App
You can change the accounts you've added to the Authenticator app at any time. For example, if you tap an account, you are taken to a new window where you can change its name.
Type the new name you want to use and press Save.
If you want to delete that account, after opening it, tap Delete. A confirmation dialogue is displayed, asking if you really want to delete that account. Tap ok if you do or cancel if you don't want to delete it.
How to Turn On or Off the Automatic Time Correction
One of the key aspects of the two-step verification algorithm used by this app is that your smartphone's local time must be in sync with the servers and services asking you to enter the 30-seconds passwords it generated. If they are not, then you will not be able to login to the apps and services where you are using two-step verification.
In the Microsoft Authenticator app, tap Settings. Here you will find a switch for enabling automatic time correction.
I strongly recommend that you leave this turned on, so that you have no issues when using this app. This setting enables the app to constantly verify time inaccuracies between your smartphone's internal clock and Microsoft's servers. It establishes the exact time difference between them and it takes it into consideration when generating the passwords you are using.
Services Where Microsoft's Authenticator App Works
I've tried this app with all the services I am using on a regular basis: Microsoft, Google, Buffer, MailChimp's AlterEgo and LastPass. It worked perfectly every time.
Services Where Microsoft's Authenticator App Doesn't Work
Microsoft's Authenticator app will work with any services that implemented the Time-based One-time Password Algorithm (TOTP) I mentioned earlier. This means that it works everywhere you are asked to use the Google Authenticator app.
However, there are also other algorithms and standards for two-step verification and some companies will these different standards. For example, Blizzard's Battle.NET Authenticator service doesn't work using the same algorithms and you can't use the Authenticator app developed by Microsoft. Blizzard has developed their own special app for accessing their games and services: Battle.net Authenticator.
I hope you found this guide useful. If you have any questions about how this app works, don't hesitate to ask using the comments form below. Also, if you discovered other services where the Microsoft Authenticator app works, don't hesitate to share them. Other readers will find this information useful.