MFA is required for all web-delivered systems/services at the company. With the shift to remote work, we were more dependent on users' own devices than in the office. As such, we needed flexibility in the authenticator apps they used. Google Authenticator is trusted, and well known, and some users in the organization were already using it for their own personal use cases. It was an easy fit, while directly addressing the security needs of the organization.
Pros
Ease of use - users find it simple and intuitive to use.
Lightweight - it's not a bulky app.
Secure - it's trusted to stay up to date using the latest security protocols, etc.
Cons
The UI could be prettied up a little - adding logos/icons to match the services.
More flexibility to rename and reorganize the codes/accounts would be beneficial.
"Favoriting" certain codes would make access easier - perhaps via 3D touch, say.
Likelihood to Recommend
It is supported by virtually all cloud-based software applications for business. I am happy to allow users to use this in addition to other authenticators. Certainly, if your business is in the Google cloud it makes sense, but my approach to the remote/virtual work world these past couple of years has been structured flexibility. Leaving some choice up to the users for their own comfort, particularly when they are using their own devices. I cannot think of a scenario where it is less appropriate - perhaps where you run the risk of "app sprawl". I.e., where you are requiring users to handle multiple authenticators (which can happen with certain pieces of hardware) you may want to encourage consolidation into one to avoid frustration.
VU
Verified User
Manager in Information Technology (Renewables & Environment company, 51-200 employees)
