Google authenticator fair received an update that should make it more useful for people who frequently use the service to log into apps and websites.
Starting today, Google Authenticator will sync any unique two-factor authentication (2FA) code you generate with users’ Google accounts. Previously, Authenticator one-time codes were stored locally, on a single device, which meant that losing that device often meant losing the ability to sign in to any service configured with Authenticator 2FA.
To take advantage of the new sync feature, simply update the Authenticator app. If you’re signed in to a Google account within Google Authenticator, your codes will be backed up and automatically restored to any new device you use. You can also manually transfer your codes to another device, even if you’re not signed into a Google account, by following the steps in this support page.
Some users may be wary of syncing their sensitive codes to the Google cloud, even if they originated from a Google product. But Christiaan Brand, group product manager at Google, says he’s looking for convenience without sacrificing security.
“We launched Google Authenticator in 2010 as a free and easy way for sites to add ‘something you have’ 2FA that bolsters user security when signing in,” Brand wrote in a blog post announcing today’s change. “With this update, we’re rolling out a fix to this issue, making one-time codes more durable by storing them securely in users’ Google Accounts.”
Of course, Google hasn’t always maintained great transparency around the Authenticator roadmap. The app started as an open source project, but later became proprietary; the official open source forks of the Android, iOS, and BlackBerry apps haven’t been updated in years.
Fortunately, if Authenticator doesn’t work for you, there are plenty of alternatives to 2FA. Authy is among the most popular, but Duo is another popular choice and for what it’s worth, the New York Times’ first option.
—————————————————-
Source link