Skip to content
Last update: 2022-01-12


You use Authenticator to generate one-time passwords (also called verification codes) to sign in to your accounts that use multi-factor authentication.

Check with your account provider if multi-factor authentication is supported and how to enable it for your account.

Authenticator supports time-based and counter-based one-time passwords. See About one-time passwords.

To start Authenticator, touch and hold the Sophos icon and then tap Authenticator.


  • For time-based passwords, Authenticator shows the currently valid one-time password together with an animated icon that depicts the remaining time until the code becomes invalid and the next code is calculated.
  • For counter-based passwords, tap Refresh Refresh next to the account item to generate a new one-time password. To prevent you from accidentally generating multiple codes in a row, there is a latency of a few seconds after each generation before you can generate the next code.
  • To copy the current one-time password for an account to the clipboard, tap and hold the account item and then tap Copy Copy.
  • To edit the account details, tap and hold the account item and then tap Edit Edit. For security reasons, you cannot display or edit the secret key.
  • To delete an account, tap and hold the account item and then tap Delete Delete.


When you delete an Authenticator entry, you will lose the ability to generate one-time passwords for that account. This doesn’t turn off multi-factor authentication. Deleting the Authenticator entry may prevent you from signing into your account.

Before you delete an entry, ensure that you either have an alternative mechanism for generating one-time passwords, or an alternative mechanism to sign in to your account without multi-factor authentication.

Back to top