認証アプリとは何か、どのように機能するのか？

What Are Authenticator Apps and How Do They Work? - Keeper Cyber Week Sale : New Users Get 50% OFF Personal & Family Plans! Buy Now Black Friday Sale : New Users Get 50% OFF Personal & Family Plans! Buy Now View All Blogs What Are Authenticator Apps and How Do They Work? Cybersecurity Subscribe to Blog Share this blog 3 min read Published on July 20, 2023 Written by Aranza Trevino Edited by Anne Cutler Reviewed by Darren Guccione Updated on April 10, 2025. An authenticator app is a secure and easy identity verification method that generates number codes you enter alongside your credentials to access an account. Experts recommend using Multi-Factor Authentication (MFA) on every account where it’s available to increase security and better protect your data. An authenticator app is a free, simple and secure way to use MFA, and most accounts with security settings offer it as an option. Continue reading for details on how authenticator apps work and how to use them. How authenticator apps work Authenticator apps work based on the Time-based One-Time Password (TOTP) verification model. Here’s a step-by-step of how it works: Setup : When you enable MFA, the account server generates a secret key, shown as a QR code. You scan it with your authenticator app, which securely stores the key. Shared secret : Both the server and your app now share the same secret key. It’s never sent over the internet again and remains private. Code generation : The app uses the secret key and the current time to generate a 6-digit code that refreshes every 30-60 seconds using the TOTP algorithm. Login process : When you log in, you enter your username, password and the code shown in the app. Server verification : The server uses the same key and time to generate its own code. If your code matches, you’re granted access. If not, access is denied. Learn more about what a TOTP is and how it works. Are authenticator apps secure? Authenticator apps are secure because they keep the code local to your device and use encryption to protect the stored secret key. This means the codes aren’t transmitted over the internet, which makes them resistant to common attack methods like phishing, SIM swapping and Man-in-the-Middle (MITM) attacks. Additionally, since the codes reset every thirty to sixty seconds, it’s extremely difficult for cybercriminals to steal or reuse them. Some authenticator apps, such as Authy and Microsoft Authenticator, offer features like biometric lock to secure your authenticator app with an extra layer of security. What to consider when choosing an authenticator app Not all authenticator apps are created equal. It’s important to do research before choosing one to make sure it suits your needs. Here are some questions to ask yourself when choosing an authenticator app: Does the app encrypt your secret keys and backup data? Can you lock the app with Face ID, fingerprint or a PIN? Can the app generate codes without internet access? Does the app offer an easy and secure way to recover access in case you lose your device? 💡 Did you know? Some password managers like Keeper have built-in support for generating 2FA codes . This lets you manage both your passwords and authentication codes in one place, which can help you stay organized and streamline logins. How to set up and use an authenticator app Here’s how you can easily set up and start using your authenticator app: Choose your authenticator app. We recommend using a password manager , but you have a few different options to choose from. Choose whatever is easiest for you to use and download the app on your phone. Request a QR code from your account. This can usually be found in the security settings of the account you want to secure under your MFA options. Scan the QR code with the authenticator app. The application you’re using will use either the device camera or a screenshot function to scan the QR code. You’re ready to go! Now that your authenticator app is set up, you can use it to log in to your account. You do this by entering the 6-digit code displayed in the app after you’ve entered your username and password. The code changes every 30 seconds, so make sure to enter it quickly before it expires. If the code matches the one generated by the server, you’ll be granted access. Use authenticator apps to strengthen your accounts Authenticator apps are highly secure and easy to set up and use. We highly recommend the use of an authenticator app for MFA. Keeper Password Manager integrates authenticator app functionality right into its application, which streamlines your cybersecurity and makes it easy to secure your accounts. Start a free 30-day trial of Keeper Password Manager to see how we can make your online life more secure. Aranza Trevino By Aranza Trevino Aranza Trevino is the SEO & AI Search Manager at Keeper Security. She combines her background in digital marketing from DePaul University with a passion for cybersecurity to create content that helps people and businesses stay secure. Her writing covers everything from password best practices to Privileged Access Management (PAM), with a focus on making technical topics easy to understand. Jump to Section Get the latest cybersecurity news and updates sent straight to your inbox View Editorial Policy Share this blog You May Also Like Why Identity Security is Key To Managing Shadow AI Written by Ashley D'Andrea Employees are adopting Artificial Intelligence (AI) tools to enhance their productivity, but they rarely consider the security implications of doing so. When an employee pastes sensitive Continue Reading Withdraw Cookie Consent We value your privacy We use cookies on our site to give you the best browsing experience, serve personalized ads about our products and content, and analyze website traffic. To learn more, please refer to our Privacy Policy . Decline Accept Withdraw Cookie Consent We value your privacy We use cookies on our site to give you the best browsing experience, serve personalized ads about our products and content, and analyze website traffic. To learn more, please refer to our Privacy Policy . Withdraw Cancel Accept Decline Platform Platform Products Password Management Enterprise Business Personal Family Privileged Access Management KeeperPAM Endpoint Privilege Manager Secrets Manager Connection Manager Remote Browser Isolation Managed Service Providers (MSPs) Password Manager for MSPs Privileged Access Manager for MSPs Public Sector Compare Keeper vs CyberArk Keeper vs Delinea Keeper vs BeyondTrust Keeper vs 1Password Keeper vs LastPass Keeper vs Bitwarden View All Technology Security Features Integrations Developers Trust Center Keeper DNA Solutions Solutions Use Cases Privileged Access Management Secure AI Agents Secure Remote Database Access Privileged Session Management Zero-Trust Security Password Management View all Industries Manufacturing Healthcare Universities Federal Government Financial Services Retail View all Pricing Pricing Privileged Access Management Password Management Secure Add-Ons Personal and Family Student Military and Medical Download Resources Resources Product information Documentation End-User Guides Case Studies Product Data Sheets Keeper 101 Videos MSP Admin Guide Resources Webinars Research Reports Public Sector Resources Cybersecurity Glossary Cyber Threats Database Passkeys Directory Infographics Sitemap Free Cybersecurity Tools Personal Free Dark Web Scan Business Free Dark Web Scan Secure Password Generator Secure Passphrase Generator Keeper ROI Calculator Encrypted Messaging App Contact Contact Support Business Sales Newsroom Call Us Blog Partners English (US) Buy Now Try It Free English 日本語 Español Português Nederlands Deutsch Русский Polski 简体中文 Italiano العربية Français Spanish Latin Personal and Family Protect yourself and your family from cybercriminals. Start Free Trial Business and Enterprise Protect your company from cybercriminals. Start Free Trial MSPs Protect your MSP organization, your end customers and add new revenue streams. Start Free Trial