Quick access to your 2FA codes ... with this simple trick

If you’re like me and always opt-in to two-step verification on any online service offering it, you probably have at least 15 and possibly up to 50 of these one time passwords (TOTP codes). And then finding the right one becomes quite a challenge. But fear no more with this simple trick that shows you the right code every time.

2FA QR and Authenticator

Five to Seven 2FA codes are fine but…

Does your Authenticator App look indeed like mine (see above) after some years of gladly accepting invitations to set up two-step verification? Then you too experienced the hassle of opening your Authenticator App, scroll and locate the appropriate line with the right account and site, and then keeping an eye on that six-digit code while quickly typing it before its timer runs out and the next code appears 😱.

Browser toolbar

With the Authentiq ID app and its companion browser add-on Authentiq 2FA, this becomes much much easier:

  • click on the orange <a> button in your browser toolbar
  • open the notification which arrives on your phone
  • that’s it! the code is revealed.

Bonus: even after 30 seconds, the code remains visible as almost all sites will accept a code that expired a few seconds ago, thus reducing FOMO (fear of missing one-time-password).

How it works

You may feel it’s strange that the browser button “knows” your 2FA, and it would indeed be wrong if it did, but this browser add-on merely nudges the Authentiq ID app on your phone to display the right 2FA by sending it a hint: When you click the browser button, the add-on reads the URL from the address bar, finds the domain, strips off .com, .edu, and any other top level domain suffix, and sends this string off to your phone.

On the phone, a notification is presented, and when opened (if needed first authenticating you with your fingerprint, FaceID or passcode as usual) showing the best match for this hint.

When both the phone and App are unlocked, and exactly one match is found, the code is shown in the notification right away, saving you the extra step of opening the app. Again, at no point the actual code is known outside your phone until you enter it on the site you’re visiting.

Installing the App and Browser add-on

For this to work, you need to:

  1. Install the Authentiq ID App (iOS, support on Android follows soon) and use it to store your 2FA secrets.
  2. Add your email address or phone number to the App and verify it is yours.
  3. Install the Authentiq 2FA add-on in your browser (currently available for Chrome and Firefox, Opera under review, Safari planned).
  4. Then in the Browser add-on, use the same email or phone number to link the add-on to your app. See below.

Browser toolbar

The next time you sign in to a site where you enabled two-step verification, just hit the Authentiq button in your browser’s toolbar and the right code will appear on your phone.

But wait there’s more!

Next to the 2FA notifications, The Authentiq ID app offers additional 2FA features:

  • Search for 2FA codes by name or account
  • Encrypted Backup to your phone’s cloud account (iCloud or Android)
  • Paper backups, for additional safety or for those of you disliking cloud backups
  • Method for sites to send the 2FA notifications directly, without the need to install the browser add-on
  • Method for sites to send the 2FA Secret to the App directly, no need to scan the QR code.

Next to 2FA, Authentiq offers easy to integrate, delightful and passwordless authentication, without central storage of profiles or credentials, so do check out those features too.

About Authentiq

At Authentiq we are dedicated to building effortless, passwordless, delightful, decentralized authentication and identity solutions. We believe you should own and control your identity data, and these solutions should store as little as possibly in the cloud while providing the best user experience.

Stan P. van de Burgt
co-founder Authentiq.com