MFA - Alternatives for mobile TOTP apps


Can I use desktop or browser-based TOTP authenticators?


As a best practice, use mobile authenticator apps or physical security keys because these types of verification methods exist separately from a user’s laptop or workstation. This way, if a bad actor manages to gain access to a user’s computer, the user’s second factor isn’t also compromised.

That said, if a TOTP desktop authenticator app or browser extension is the only option that works for you, you can satisfy the MFA requirement with these types of methods.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support