Home
Utilities
Application Utilities
Security

Authy vs Spring Security

Need advice about which tool to choose?Ask the StackShare community!

Authy
165
174
+ 1
1
Spring Security
557
589
+ 1
6
Add tool

Authy vs Spring Security: What are the differences?

  1. Authentication Methodology Authy focuses on two-factor authentication and provides features like SMS, voice call, and token-based authentication. On the other hand, Spring Security is a comprehensive framework that offers various authentication mechanisms such as OAuth, OpenID, and SAML in addition to traditional username and password authentication.
  2. Integration Flexibility Authy is mainly focused on providing two-factor authentication services and can be integrated into any web or mobile application easily. Spring Security, on the other hand, is a full-fledged security framework that can be integrated with Spring-based applications seamlessly for managing authentication, authorization, and more.
  3. Customization Options Authy offers limited customization options in terms of branding and user experience for two-factor authentication. Whereas Spring Security provides extensive customization by allowing developers to define custom authentication providers, filters, and access control rules based on specific requirements.
  4. Scalability and Performance Authy's services are cloud-based which can offer good scalability and performance for handling authentication requests. Spring Security, being part of the Spring ecosystem, benefits from the scalability and performance improvements provided by the Spring framework for enterprise-level applications handling large volumes of users and requests.
  5. Community Support Authy has a dedicated support team for assisting with integration and troubleshooting two-factor authentication. Spring Security, being part of the larger Spring community, has a vast network of developers, forums, and resources for resolving issues and getting help with implementing security solutions.
  6. Ease of Use Authy is designed to be user-friendly for developers looking to implement two-factor authentication quickly and efficiently, with easy-to-understand documentation. Spring Security, while comprehensive, may have a steeper learning curve for developers due to its extensive feature set and configurations required for advanced security implementations.

In Summary, Authy is primarily focused on two-factor authentication with limited customization options and integration flexibility, while Spring Security is a comprehensive security framework with extensive customization options, scalability, community support, and complexity suitable for enterprise-level security implementations.

Advice on Authy and Spring Security
sindhujasrivastava
| 4 upvotes · 255.7K views
Needs advice
on
KeycloakKeycloakOktaOkta
and
Spring SecuritySpring Security

I am working on building a platform in my company that will provide a single sign on to all of the internal products to the customer. To do that we need to build an Authorisation server to comply with the OIDC protocol. Earlier we had built the Auth server using the Spring Security OAuth project but since in Spring Security 5.x it is no longer supported we are planning to get over with it as well. Below are the 2 options that I was considering to replace the Spring Auth Server. 1. Keycloak 2. Okta 3. Auth0 Please advise which one to use.

See more
Replies (3)
Luca Ferrari
Solution Architect at Red Hat, Inc. · | 5 upvotes · 233.5K views
Recommends
on
KeycloakKeycloak

It isn't clear if beside the AuthZ requirement you had others, but given the scenario you described my suggestion would for you to go with Keycloak. First of all because you have already an onpremise IdP and with Keycloak you could maintain that setup (if privacy is a concern). Another important point is configuration and customization: I would assume with Spring OAuth you might have had some custom logic around authentication, this can be easily reconfigured in Keycloak by leveraging SPI (https://www.keycloak.org/docs/latest/server_development/index.html#_auth_spi). Finally AuthZ as a functionality is well developed, based on standard protocols and extensible on Keycloak (https://www.keycloak.org/docs/latest/authorization_services/)

See more
Lukas Marschall
| 2 upvotes · 173.3K views
Recommends
on
KeycloakKeycloak

You can also use Keycloak as an Identity Broker, which enables you to handle authentication on many different identity providers of your customers. With this setup, you are able to perform authorization tasks centralized.

See more
Sandor Racz
Chief Architect · | 2 upvotes · 215.6K views
Recommends
on
KeycloakKeycloak

We have good experience using Keycloak for SSO with OIDC with our Spring Boot based applications. It's free, easy to install and configure, extensible - so I recommend it.

See more
Manage your open source components, licenses, and vulnerabilities
Learn More
Pros of Authy
Pros of Spring Security
  • 1
    Google Authenticator-compatible
  • 3
    Easy to use
  • 3
    Java integration

Sign up to add or upvote prosMake informed product decisions

Cons of Authy
Cons of Spring Security
  • 2
    Terrible UI on mobile
    Be the first to leave a con

    Sign up to add or upvote consMake informed product decisions

    - No public GitHub repository available -

    What is Authy?

    We make the best rated Two-Factor Authentication smartphone app for consumers, a Rest API for developers and a strong authentication platform for the enterprise.

    What is Spring Security?

    It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements.

    Need advice about which tool to choose?Ask the StackShare community!

    Jobs that mention Authy and Spring Security as a desired skillset
    Sr. Staff Software Engineer, Core Retrieval
    Pinterest
    San Francisco, CA, US; , US
    View Job Details
    InfraDream+2
    Staff Software Engineer, Ads Serving Platform
    Pinterest
    San Francisco, CA, US; , US
    View Job Details
    guidanceInfraDream+9
    Manager II, Engineering - Storage Foundations
    Pinterest
    San Francisco, CA, US; , US
    View Job Details
    InfraSQLMySQL+7
    Staff Software Engineer, ML Training
    Pinterest
    San Francisco, CA, US; , CA, US
    View Job Details
    PatternsInfraDream+12
    Sr. Staff Software Engineer, Ads ML Infrastructure
    Pinterest
    San Francisco, CA, US; , CA, US
    View Job Details
    CUDAInfraDream+7
    Engineering Manager, Identity & Access Management
    Postman
    Bangalore, India
    View Job Details
    Cohesivehighlight.ioONES+9
    Senior Engineer (Backend), Identity & Access Management
    Postman
    Bangalore, India
    View Job Details
    ONESUtilizeSchedule+8
    What companies use Authy?
    What companies use Spring Security?
    Manage your open source components, licenses, and vulnerabilities
    Learn More

    Sign up to get full access to all the companiesMake informed product decisions

    What tools integrate with Authy?
    What tools integrate with Spring Security?

    Sign up to get full access to all the tool integrationsMake informed product decisions

    What are some alternatives to Authy and Spring Security?
    Duo
    Duo is a next-generation package manager that blends the best ideas from Component, Browserify and Go to make organizing and writing front-end code quick and painless.
    Starling
    Starling is a powerful but simple messaging server that enables reliable distributed queuing with an absolutely minimal overhead. It speaks the MemCache protocol for maximum cross-platform compatibility. Any language that speaks MemCache can take advantage of Starling's queue facilities.
    Duo Security
    In order to trust that your users are who they say they are, we verify their identity with an easy-to-use two-factor authentication solution, while giving you the ability to enforce stronger user access policies.
    1Password
    Lock credentials and secrets in vaults that sync across systems and seamlessly access within your dev, CI/CD, and production environments. Plus, generate and use SSH keys directly from 1Password, automate infrastructure secrets, and more.
    LastPass
    LastPass Enterprise offers your employees and admins a single, unified experience that combines the power of SAML SSO coupled with enterprise-class password vaulting. LastPass is your first line of defense in the battle to protect your digital assets from the significant risks associated with employee password re-use and phishing.
    See all alternatives

    Related Comparisons

    Authy vs Castle vs DetectifyAuthy vs JScrambler vs SSLMateAuthy vs Duo SecurityAuthy vs StopTheHacker vs Tinfoil SecurityAuthy vs ExpeditedSSL

    Trending Comparisons

    Django vs Laravel vs Node.jsBootstrap vs Foundation vs Material-UINode.js vs Spring BootFlyway vs LiquibaseAWS CodeCommit vs Bitbucket vs GitHub

    Top Comparisons

    Postman vs Swagger UIHipChat vs Mattermost vs SlackBitbucket vs GitHub vs GitLabBootstrap vs Materialize