Authentication app for iMac

Yes, it's as straightforward as can be. I was pleasantly surprised. Passwords app > Codes will provide those rotating six digit codes.

I would be very reluctant to use a non-Apple equivalent, especially one whose business model is tracking and harvesting personal information.

Automatically fill in one-time verification codes on iPhone - Apple Support

There are several ways to do it. One is to go to an existing account in Passwords, select the account and click Edit, then click the Set Up Code button. Another is to go to the Codes section of the Passwords and add a new Code, which you will subsequently associate with an existing account or use to create a new account.

The other part of the process happens on the site where you need the code. When adding 2FA on that site, you should be presented with a QR code and a setup key (sometimes there's just the QR code and an option for 'if you can't use the QR code' that provides the key. You can copy/paste the setup key into the field in the Passwords app, or take a screenshot of the QR code and use the Choose QR code Image button in Passwords.

Personally, I use the Google Authenticator app on my iPhone.

https://apps.apple.com/us/app/google-authenticator/id388497605

Typically, websites that require such an app offer a QR code you can scan in the app.

When using my Mac, I can still copy the code in the iPhone app and paste it on the Mac website using the Universal Clipboard feature.

Apple’s Passwords app supports this, as well.

Automatically fill in one-time verification codes on iPhone - Apple Support

On my Mac, in the Passwords app:

Suggest you address your inquiry to the folks who administer that website and ask for guidance. They may point you to a specific app for your situation. Or at least guide you to successful authentication using the browser you already use or an alternative.

If passkeys are supported by the particular site or service, here is some info and background:

https://www.youtube.com/watch?v=otObbUSxcqs

Passkeys combine password and second factor:

This presentation by a developer working on authentication support at Apple.

When non-Apple products and services discuss an "authenticator app" they are referring to the Passwords app.

Use the Passwords app to create, manage, and share passwords and passkeys across Apple devices - Apple Support

John Galt wrote:

I would be very reluctant to use a non-Apple equivalent, especially one whose business model is tracking and harvesting personal information.

Indeed, and thanks. Until this thread, I was unaware that Apple's app offered this feature. I'll be switching my one-time codes to Passwords (with the exception of a couple of employer-used financial sites that say they require the RSA app, probably as a legacy from SecurID).

John Galt wrote:

Amazon implements passkeys in the exact same manner as this site (Apple Support Communities) so it's not quite clear to me what that problem may have been.

The passkey itself was fine and easily implemented, I did that a long time ago. The issue was that for an account in Passwords with a passkey, a Code cannot be added to the same account (which I was trying to do as part of ditching Google Authenticator). I understand that a passkey is superior to 2FA and that a passkey inherently includes 2FA, but Passwords precludes adding a Code anyway.

You can confirm this behavior in Passwords, select an account for which you have no passkey and Edit that entry, there's an option to Set Up Code. Then select an account for which you have a passkey and Edit that entry, and there's no option to add a Code. Thus, since I had a passkey already for Amazon, when I tried to add a Code to the entry in Passwords, I could not.

From the other side, if I go into Passwords, select Codes then the (+) button to add one and provide it with a setup QR code, I cannot add the code to my Adobe account since that already has a passkey.

Note that I cannot add it to the Amazon account because that already has a code. The only way to have both a code and a passkey is if you add the Code to the account and subsequently set up a passkey, which is what I had to do for Amazon. The other way around doesn't work.

neuroanatomist has you covered.

I understand all these authentication options can be vexing. The two-factor authentication you're asking about is not related to authentication codes or passkeys or "authenticator apps" as that website is describing them. Two-factor or 2FA as it is sometimes called refers to a numeric code sent as a text message to a phone number capable of receiving text messages. They are commonly six digits these days but it used to be four digits, and I have seen some that send seven digits or more. If you have an iPhone and a Mac running Safari (recent versions of everything of course) Safari will helpfully auto-fill that code, in a sort of middle-finger salute to the wizards of smart who insisted passwords weren't good enough.

In short, we don't use the Passwords app for that.

In any event you do not need to download and install a third party "authenticator app" as that website alleges — unless — your iPhone or Mac is too old to incorporate Apple's native Passwords app. It is the "authenticator app" they describe.

And, like you, given the fact user privacy lies at the heart of everything Apple does, I would be reluctant at best to trust any other.

Lastly, I believe using an "authenticator app" remains an option, at least for the moment. After all not everyone has an iPhone, wants one, or is required to have one as a condition of remaining a human being... yet.

All smooth, except for Amazon. Their implementation of Passkeys combined with Apple's Passwords app is not a friendly combination. Passwords won't let you add an authenticator code to an account with a Passkey set up (at least, it wouldn't for me), so I had to basically clear all my Amazon security settings except the basic password, then turn on 2FA and add the one-time code option, then add a passkey. All good now but rather a PITA, since I needed both because some sign ons (e.g., package trackers with Amazon integration) don't support passkeys.

Amazon implements passkeys in the exact same manner as this site (Apple Support Communities) so it's not quite clear to me what that problem may have been.