Google Authenticator is adding a long-requested feature: you can now sync your two-factor authentication codes with your Google account. So when you set up a new phone and log into your account, the Authenticator app will be ready to go without going through its setup process. It also means that if your phone is lost or stolen, getting back into your accounts from another device will be less of a nerve-wracking ordeal.
Cloud syncing has become relatively common among other two-factor tools like Authy, but Google has been really slow to bring it to Authenticator, which launched in 2010.
“One of the main comments we’ve heard from users over the years has been the complexity of dealing with lost or stolen devices that have Google Authenticator installed,” Google’s Christiaan Brand wrote in a blog post. “Because the one-time tokens were stored in the Authenticator on only one device, the loss of that device meant that users lost their ability to sign in to any service they had set up 2FA authentication for using the Authenticator.”
“With this update, we are rolling out a solution to this problem, making one-time tokens more durable by storing them securely in users’ Google Account,” Brand wrote. “This change means that users are better protected from lockouts and that services can rely on users retaining access, which increases convenience and security.”
To enable cloud syncing of two-factor codes, you will need to update to the latest version of the Authenticator app for Android and iOS. Google has a support page that goes into more detail about the feature, confirming that “if you sign into your Google account within Google Authenticator, your codes will automatically be backed up and restored on whatever new device you’re using.”
That sound you’re hearing is IT support staff everywhere breathing a sigh of relief. This was a much-needed step to make it easier to use one-time codes. Authenticator and other apps like it are a safer option than relying on SMS codes. Did you know that iOS can now do this natively? Not everyone knows. The more friction you can eliminate, the higher the adoption.
The convenience of cloud syncing likely comes with additional risks
But cloud syncing of one-time passcodes can make Google accounts a more tempting target for malicious actors. If an attacker manages to compromise an account, they can gain access to a range of sensitive accounts. Google spokeswoman Kimberly Samra confirmed that account syncing is completely optional. But if you enable it, don’t expect any additional security precautions beyond Google’s standards. To prevent uninvited guests, Authy has a unique password to restore two-factor backups and a toggle to allow (or prevent) the use of multiple devices with an account.
With this update, the Authenticator app also switches to a new logo, ditching the look of a faded vault in favor of an asterisk in Google colors. “As we push towards a passwordless future, authentication codes remain an important part of today’s internet security, so we’ve continued to make improvements to the Google Authenticator app,” Brand wrote.
Update April 24th, 4:00 PM ET: The article has been updated with confirmation from a Google spokesperson that account syncing is optional.