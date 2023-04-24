



Google Authenticator is adding requests from longtime customers. You can now sync your two-factor authentication code to your Google Account. So when you set up your new phone and log into your account, Authenticator is ready to use right out of the box without your own setup process. This also means that if your phone is lost or stolen, getting back into your account from another device won’t be a nerve-wracking ordeal.

Cloud syncing has become relatively common in other two-factor tools such as Authy, but Google really took a back seat and brought it to Authenticator, which launched in 2010.

One of the main pieces of feedback we’ve received from users over the years has been the complexity of dealing with lost or stolen devices with Google Authenticator installed, Google’s Christiaan Brand wrote in a blog post. . The authenticator’s one-time code was only stored on one device by him, so if that device was lost, the user could no longer use his authenticator to sign in to the service he set up 2FA for.

Brand writes that the update rolls out a solution to this problem and improves the durability of one-time codes by securely storing codes in users’ Google accounts. This change means that users are better protected from lockouts and services can rely on users to maintain access, improving both convenience and security.

You must update to the latest version of the Authenticator app for Android and iOS to enable cloud syncing of two-factor codes. Google has a support page detailing this feature and has confirmed that if you’re signed into your Google account within Google Authenticator, your codes will automatically be backed up and restored on any new device you use. increase.

The sound you hear is the sound of IT support staff around the world breathing a huge sigh of relief. This was a much-needed step to make one-time codes easier to use. Authenticator and other similar apps are a much more secure option than relying on SMS codes. Did you know that iOS now does this natively? Not everyone has noticed. The more friction you can eliminate, the more hires will be made.

The convenience of cloud sync can come with risks

However, cloud syncing of one-time passcodes could make targeting Google accounts even more tempting for malicious actors. If you can break into your account, you may gain access to a series of sensitive accounts. The Verge asked Google if this feature was optional. Authy has a toggle to allow (or prevent) the use of multiple devices under one account as an additional security measure.

With this update, the Authenticator app will also switch to a new logo, replacing the drab vault look with an asterisk in Google’s colors. While pushing towards a passwordless future, Brand writes, it continues to optimize the Google Authenticator app because verification codes remain an important part of today’s internet security.

