Last updated on April 19th, 2024 at 02:38 am
Google Authenticator is perhaps the best known authenticator, a type of app that generates 2FA codes. But it lacked a crucial feature that many of its competitors, like Authy, have had for a long time: cloud backups.
The latest update to Google Authenticator, announced in a blog post by Google’s Christiaan Brand, changes that. In the newest version, users will be able to back up their 2FA codes to their Google accounts. This means that if a user loses or breaks their phone, they’ll be able to restore their 2FA codes from their Google account and get up and running again quickly.
Google Authenticator could be backed up manually prior to the latest update by making use of the app’s “Export accounts” feature. However, the process was somewhat complicated and, as it had to be repeated anytime a new account was added to the app, was not exactly convenient.
As a result, many users didn’t make a manual backup. If they then lost or broke their phone, they’d find themselves without access to their 2FA codes and unable to log in to their accounts.
The new update should make that unpleasant scenario far less common. As Brand put it in his blog post, “This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security.”
But not everyone is comfortable backing up their 2FA codes to the cloud. Fortunately, as reported by The Verge, making use of the new cloud backup feature is entirely optional.
Update April 26th: The security researcher duo known as Mysk warned on Twitter that Google does not end-to-end encrypt 2FA data when it gets synced to a user’s Google account. This means that Google, and anyone else who gains access to your Google account, can see your 2FA codes if you enable cloud backup. Hopefully, Google will change how the backup option works to make it more secure.
