.png)
Google Authenticator adds a long-standing customer request: you can sync your two-factor authentication code with your Google Account. So when you set up a new phone and sign in to your account, Authenticator will be ready to go without requiring its own setup. It also means that if your phone is lost or stolen, accessing your account from another device will be a breeze.
Cloud integration has become common with other devices like Authy, but Google really pulled it off with Authenticator, which launched in 2010. "One of the biggest issues we've heard from users over the years is the complexity of managing lost or stolen devices that have Google Authenticator installed," Google's Christiaan Brand wrote in a blog post. "Because the unique code in the Authenticator is only stored on one device, the loss of that device means that users lose the ability to sign in to any service configured with 2FA using the Authenticator."
"With this update, we're rolling out a fix for this issue, making unique codes longer by storing them securely in users' Google Accounts," Brand wrote. "This change means that users are better protected from being locked out and work can depend on users retaining access, increasing both efficiency and security."
To enable cloud synchronization for two-factor authentication, you must update to the latest version of the Authenticator app for Android and iOS. Google has a support page that provides more details about the feature, confirming that "if you sign in to your Google Account with Google Authenticator, your code will be automatically verified and restored on any new device you use used."
That sound you hear is IT support staff everywhere taking a deep breath. This is an important step to facilitate the use of shared code. Authenticator and other similar apps are a safer option than relying on SMS codes. Did you know that iOS can now do this natively? Not everyone knows. The more friction you can remove, the more adoption there will be.
The benefits of cloud computing can come with added risks
But cloud syncing of one-time passcodes can make securing Google accounts more tempting for attackers. If you can log in to an account, you can get a lot of soft accounts. Google spokeswoman Kimberly Samra confirmed that syncing accounts is completely optional. But if you do, don't expect any security measures beyond Google's standard measures. To prevent uninvited visitors, Authy has both a one-time password to restore two-factor authentication and flexibility to allow (or prevent) the use of multiple devices with the same account. With this update, the Authenticator app is switching to a new logo, removing the space for Google's signature logo. "As we move toward a password-free future, passcodes are still an important part of online security today, so we continue to promote the Google Authenticator app," Brand wrote. Update April 24, 4:00 PM ET: This story has been updated with confirmation from a Google spokesperson that syncing accounts is an option.
Comments0