I am big on MFA – whenever it is available you should use it. Although multi-factor authentication can have it’s issues, it is still an effective barrier between you and credential compromise.
I do not, however, care about which authenticator app you use, as long as it comes from a verifiable source, so generally we point people at the Microsoft or Google versions. Both are available for iOS and Android, both work with each other’s services and everyone else’s as well.
Now the Google version has had a useful functionality upgrade.
Google Authenticator now backs up your 2FA codes to the cloud (bleepingcomputer.com)
However as the app is backing up highly sensitive data, I am holding off on my advice on doing this until I have looked at the system and checked it out.
Your takeaway on MFA
At the very least, and I mean at the very least, everyone needs to have multi-factor authentication enabled on your business Microsoft 365 and Google work accounts.
Get that checked now.
Then there is WordPress, Amazon etc..
Just get them all done…
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Something you know, something you have or something you are.
What is Credential Stuffing and why is it a problem for you?
