You should use an authenticator application for roles that require 2FA. You can select an authenticator app from the vendor of your choice, as long it complies with the OATH TOTP standard. The following mobile phone apps are recommended:
Download the appropriate authenticator app for your mobile phone to get started.
The authentication application you choose must support the OATH TOTP, the IETF RFC 6238 standard. OATH is the Initiative For Open Authentication. TOTP means time-based one-time password. IETF is the Internet Engineering Task Force.