Appinions – Security

Appinions banner

A great app will keep you glued to your device. Whether it’s lifestyle, social media, utility, gaming, productivity or news; apps are an essential part of student life.
Each month we challenge our Student Digital Champions to delve into a new category, delivering fresh perspectives and making proclamations for essential applications. Which features are dumb? What should be at the tip of your thumb?

Written by Leah Parker, Georgie Pitts: Student Digital Champions.

Leah Parker Picture of Georgie

July 2022: Security

Cyber security could be viewed as being an overly complicated topic, and understanding where to start can be daunting. Yet all you really need to know to protect your device, is there are three essential types of app every student should be using: A password manager, Find my phone and Multi-factor authentication (MFA). Our Student Digital Champions are on hand to help you choose which app is right for you.

Insecure passwords can expose your personal details to fraud. Even your University of Bristol password needs to be secure. Authenticator apps provide an additional factor for security above passwords, so even if your secure password gets compromised this will provide a safety net. Staff already use MFA and this will be turned on for all students at the start of the upcoming academic year.

Microsoft Authenticator

Microsoft authenticator app icon

Microsoft Authenticator provides an easy, secure sign-ins for all your online accounts using multi-factor authentication, password-less, or password autofill. You also have additional account management options for your Microsoft personal, work or school accounts.

The multi factor authentication (MFA) feature provides a second layer of security. When enabled, during login after entering your password, you’ll be asked for an additional way to prove it’s really you. Either approve the push notification sent to the Microsoft Authenticator app, or enter the one-time password (OTP) generated by the app. The OTP codes are time-based, so are only valid for 30 seconds. The timer aspect means the same one-time password is never used twice. You can also add multiple accounts to your app, including non-Microsoft accounts like Facebook, Amazon, Google etc.

Microsoft Authenticator supports cert-based. This means the app will let your work or school organization know that the sign-in request is coming from a trusted device and help you to securely access additional Microsoft apps and services without needing to log into each time.

Pros

  • Straightforward, quick and easy set-up process.
  • Scan add both Microsoft and non-Microsoft accounts.
  • Allows cloud back-up, unlike Google Authenticator, which is useful if you lose access to your device and still need access to your accounts.
  • Recognises trusted devices and browsers, minimising the amount of log-in attempts requiring MFA.

Cons

  • No way to organise codes into folders or tags.

This is my personal favourite MFA app. I believe it provides multitudes of features that allow users to authenticate in many different ways and allows for more than just two steps in verifying your identity—providing for an even more secure experience. This is extremely important to me as with my school and work accounts I am looking for that extra security. I think as an iPhone user I like the ability as well to lock the app with touch ID, face ID or my passcode, for an extra layer of security. I also like how the app recognises when you’re accessing your account from a new or trusted device and, as such, adjusting the amount of MFA required. Overall, I think it’s a great app, easy to use and I’ve never had any problems with it and would definitely recommend it to those wanting extra security on their school, work and personal accounts.

Reviewer: Leah Parker

Download links:

Google play iconapp store link

Norton Password Manager 

App icon for Norton password managerThis is a password manager app, designed to store your passwords in a secure location. You can sign in with Apple or Google, or create a new account (I chose to create a new account using my University of Bristol email). The main area of the app is called the “Vault”, which is where your passwords are stored, and you can even choose to store credit cards or bank account details here too.

Saving a new password is simple. You click “Logins”, and the “+” sign in the bottom right corner. You can name the website, paste the URL and add the password. You can also add a note to accompany it and choose whether to sign in automatically next time you need to log into that account. It autofills the email as the same one you use for the Norton app, but you can change this if different websites use different email addresses.

Some other functions include:

  • Password Generator to provide you with more secure passwords
  • Secure Browser to protect you against online threats
  • Auto-fill, which automatically types passwords for you
  • Ability to save different addresses (home address, work etc), if a website requires you to enter an address

Pros

  • Many other password manager apps I looked at required a monthly subscription, but this one is free
  • Can search passwords by keywords, making it easy to locate the ones you need
  • Has a “notes” section, so you can add any notes you might need in regard to passwords
  • Offers a Tutorial Guide
  • Able to ‘favourite’ certain passwords that you need quickly and often

Cons

  • Logging back in after closing the app was difficult. There are two separate logins: one for the app, and the other for the password Vault specifically.
    • I was able to log into the app fine, but I hadn’t set up a PIN or password for the Vault yet, so couldn’t enter one to log back into it.
    • After deleting the app and redownloading, after logging in on the app, I was able to activate Face ID to access the Vault.

I would probably use this password manager. I like that it was free, especially in comparison to other ones which require a monthly subscription. This is significant, I think, because Google and phones themselves already save passwords for you, so paying for an app to do the same thing (although in a more secure fashion) is not particularly necessary.

I like the layout; it is very simple and easy to navigate, and you can search your saved passwords using keywords or favourite specific ones which would be helpful if you had a lot saved.

The only issue I ran into was logging back into the Vault after creating my account and closing down the app. Having checked the reviews, it seems this has happened to others! Deleting it and activating Face ID seems to have done the trick!

Reviewer: Georgie Pitts

Download links:

app store link

Google Authenticator

App icon for google authenticatorGoogle Authenticator generated 2-Step Verification codes on your phone for your Google Account to provide an additional layer of security when signing in. With 2-Step Verification, signing into your account will require both your password and a verification code you can generate with this app. Once configured, you can get verification codes without network or cellular connection. Features of Google Authenticator, to name a few, include: automatic setup via a QR code, use across multiple accounts, time-based and counter-based code generation and transfer of accounts between devices through a generated QR code.

Pros

  •  This app does not back up to the cloud, which from a security perspective is actually what you would want from a multi-step authenticator app.
  •  Relatively simple and straightforward to set up and use.
  •  Useful if you have multiple google accounts which required another layer of security.
  •  New feature means you have ability to transfer 2FA codes when upgrading to a new phone

Cons

  •  No cloud back up means losing access unexpectedly to the phone you set the authenticator app up on means you lose access to the 2-factor authenticator codes. This could possibly lock you out of your accounts if you are unable to log back into the original phone.

Personally I quite like the Google Authenticator app, it’s a simple app to use and it fulfils its intended purpose. I have set up Google Authenticator to multiple Google accounts and never had an issues with it. I find it is an app I can truly trust. That being said, I could see how this app may cause problems if I was to lose access to my phone. No question that cloud backup is extremely convenient but there is often a trade-off between convenience and security and this is a great example of that. This app is for those who choose a bit of extra security (codes only stored on the device) over the convenience of having their codes stored both on the device and in the cloud. I would say it just depends on the person whether you prefer to use an app with no cloud back up and extra security, or cloud back up and less security such as Microsoft Authenticator.

Reviewer: Leah Parker

Download links:

app store link

Find My iPhone

App icon for Find My app

This app allows you to track your Apple devices and notes the last time at which they were used/active. It uses Apple Maps to display your device location and is compatible with: iPhone, iPad, iPod touch, Apple watch, Mac, AirPods and AirTag. It includes Lost Mode, a noise alert for nearby devices and you only need your Apple ID to log in!

This is a very useful app! My favourite feature is how detailed the map is. Rather than it being vague, you can see the exact time and location the device was last used. Another favourite feature is the Lost Mode. By locking your device, no one can access your personal information, giving you an added level of security if you were to misplace your phone. Whilst this app does allow you to track your friends and family, it is not created for that purpose, and is more targeted to keeping track of your devices.

The fact it is compatible with other apple devices is really useful, particularly AirPods! We’ve all lost our headphones, so to be able to locate them easily is very useful!

Pros

  • Free! It comes with the phone
  • Has a setting which allows your devices to make a noise to alert you to where they are
  • You can put your devices in Lost Mode, which tracks its location; protects your data and even presents a message for whoever may find your device
  • You can even track your friends’ devices and vice versa, which can be turned off if you wish

Cons

  • Only available on Apple devices so Android users cannot download this app
  • If you lose your phone, you need a secondary device to locate it (a MacBook, for example), so if you don’t have one of these, then you cannot access the app remotely

I definitely recommend this app. It comes with the iPhone, and whilst I would be tempted to delete it to save storage space, I actually recommend keeping it around and tagging all of your Apple devices in case you need it in the future!

Reviewer: Georgie Pitts

Download links:

app store link Google play icon

*App Store link above opens iCloud to sign-in with your Apple ID, because the app is inbuilt. The Google Play link opens an Android equivalent called Google Find My Device. There are other available Android apps which share this functionality.

These apps aren’t supported or managed by the University of Bristol. Don’t forget to think about what data you are adding to these apps if you decide to download and use them. Our Online Identity video highlights some of the factors you may want to think about when you are online.

Next month: Gaming

Leave a Reply

Your email address will not be published.