Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Google Authenticator Now Supports Backing Up 2FA Codes Using Google Account

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,530
39,364


The Google Authenticator app used to store one-time access codes for account security now supports backups and syncing across devices using a Google Account, Google announced today.

google-authenticator.jpg

With Google Account support, one-time passwords can be saved in the cloud, so if you lose the device with your Google Authenticator app installed, you won't lose access to all of your authentication codes. Prior to the integration of Google Account support, all codes in the Google Authenticator app were stored on device, which is problematic when a device is lost.

Google says with one-time passwords available in a Google Account, users are "better protected from lockout," increasing convenience and security. Google Account integration for Google Authenticator is available on both iOS and Android devices. Adding Google Account support will require signing into the account in the Google Authenticator app, and once that is done, codes will be automatically backed up and restored on any new device where you sign in to your Google Account.

The latest version of the app is required, and on iPhone and iPad, it can be downloaded from the App Store for free. [Direct Link]

Article Link: Google Authenticator Now Supports Backing Up 2FA Codes Using Google Account
 
Article Link
https://www.macrumors.com/2023/04/24/google-authenticator-google-account-integration/
I think the desirability of this new feature depends on how you use Google Authenticator. If you use GA 2FA codes for anything sensitive or confidential, such as banking (risk: losing control over a checking account or credit card) or mobile phone carrier accounts (risk: becoming the victim of a SIM swapping attack), it's probably better to copy the codes over to another device manually. That way you maintain complete control over critical information and avoid any exposure to the cloud.

But for logins that aren't for anything that needs to be kept private or secure, syncing via your Google account probably is OK in most circumstances.

In any case, I hope passkeys become widely adopted soon. Then all the time and effort we spend dealing with passwords and 2FA can be used on something more fun or more productive.
 
Last edited:
  • Like
Reactions: 00sjsl, Verified Whiskey, SantaFeNM and 2 others
Sydnxt said:
Do you guys honestly think Google employees will be using your 2FA keys to login to your accounts?
Click to expand...

No.

What does concern me is what other information they are able to skim off my device simply because I have their app installed (location, clip board contents, etc.) that adds to their already voluminous collection. Simple as that.

Screenshot 2023-04-24 at 3.55.03 PM.png


Example: WTF does Google need my contacts for in order for the authenticator app to work? Why are they collecting Search History? Location?!!?! F Google!
 
Last edited:
  • Like
  • Love
Reactions: mthomas184, robd003, Kirkster and 8 others
Cromulent said:
I switched from Google Authenticator to Authy years ago to get cloud sync. I don't see the point in moving back to Google, though.
Click to expand...

I used Authy, but eventually moved back to Authenticator, and when it came time to move to a new iPhone, Authenticator was a breeze! Previously, I had to log into each service, disable 2FA, and then re-enable it with the new device. A real pain. But I'm also worried that Google made some compromises to allow the transfer of codes between devices, as I originally understood the codes being generated are tied to the hardware profile.
 
  • Like
  • Disagree
Reactions: jonblatho and cateye
Cromulent said:
I switched from Google Authenticator to Authy years ago to get cloud sync. I don't see the point in moving back to Google, though.
Click to expand...
I actually moved to Authy myself for this exact same reason. I was actually sick of having to go through trying to access my accounts again because Google Auth didn't have the cloud sync (if I moved or reset my phone). I also feel like I have a wider range of access to my Security codes as I'm able to access them from a computer.

When I used Google Authenticator previously, I don't think I could also use security features that Authy provides on Google Auth (such as face ID), although it has been some time since I last used Google Authenticator.
 
  • Like
Reactions: Santiago
I've avoided Google Authenticator ever since I set it up to authenticate an important work account and one day it just stopped authenticating. I won't say I'm a Duo fan, but at least that actually works reliably.
 
Been using Authy for a very long time and I doubt I'll be using anyone else as long as they are still around, have had no issues switching over to new iPhones with Authy, I just verify it's me on another device once and I'm done, syncs great between my iPhone, iPad, Apple Watch and Windows.
 
  • Like
Reactions: adrianlondon, TheYayAreaLiving 🎗️ and ignatius345
KaliYoni said:
I think the desirability of this new feature depends on how you use Google Authenticator. If you use GA 2FA codes for anything sensitive or confidential, such as banking (risk: losing control over a checking account or credit card) or mobile phone carrier accounts (risk: becoming the victim of a SIM swapping attack), it's probably better to copy the codes over to another device manually. That way you maintain complete control over critical information and avoid any exposure to the cloud.

But for logins that aren't for anything that needs to be kept private or secure, syncing via your Google account probably is OK in most circumstances.

In any case, I hope passkeys become widely adopted soon. Then all the time and effort we spend dealing with passwords and 2FA can be used on something more fun or more productive.
Click to expand...
I use the Authenticator feature in Apple's Keychain. It syncs between iOS/iPadOS and MacOS and I keep the verification codes in the Notes/Comments field. iOS backup acts as insurance. And (for now) I trust Apple more than Google (Authenticator) or Microsoft (Authenticator). I did consider BitWarden, but why bother when Keychain is ubiquitous?
 
  • Like
Reactions: Santiago, Solomani, Seoras and 5 others
I wonder what the details of this picture are supposed to tell us: 🤔

1682365635967.jpeg


Our starry 2FA keys are taking a partially discontinuous, convoluted path into a Google snowflake, and then fly away like birds, while clouds are passing by?
 
  • Like
  • Haha
  • Wow
Reactions: sorgo †, 123, Shirasaki and 4 others
I have no issues with using any of Google's products but I'd rather not use them for my 2FA only because Google loves discontinuing stuff whenever they feel like it and they do it far to often.
 
  • Like
Reactions: Santiago, snek and julianps
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back