Google has finally acted on the demands of its users and given its authenticator app, Google Authenticator, the ability to synchronize with Google accounts.
The move means that all your saved accounts that require a time-based one-time passcode (TOTP) for two factor authentication (2FA) can be backed up, so if you lose your device or get a new one, you won’t have to manually set them all up again.
Worse still, you may be locked out of your services completely if you don’t have a back-up (2FA) method in place for them.
Cloud backup
The app does not get updates often, but in addition to this new syncing ability, there is also a new icon for the Android and iOS versions of the app, to keep it in line with Google’s vivid multi-colored aesthetic.
Apps such as Google Authenticator are commonly used in 2FA or multi-factor authentication (MFA) scenarios, where the TOTPs created by these apps are asked for by the services you log in to with your username and password on another device, as an extra layer of security to check it’s really you who is trying to access your account.
There are other ways to have these TOTPs delivered to you, such as via an SMS text message. However, this method is considered less secure than using a dedicated app, as texts can be intercepted in sim swapping scams, where threat actors can clone your number to their own device.
You can also use physical security keys to input 2FA codes, which are very secure, but if you misplace them, you could be locked out of your accounts for good.
Google Authenticator can still be used without syncing to your Google account, and still doesn’t even require one at all to use it. There are also a few other minor changes to the UI, but nothing that drastically affects the way you’d use the app – it still remains as basic and simple to use as before.
The new update is currently rolling out on iOS and Android devices. After opening the app for the first time after updating, you will be asked if you want to sync your 2FA accounts to your Google Account, will takes only one or two click to setup. After doing so, you will notice a cloud icon in the top corner to indicate that they’re synced.
The move follows Google’s other security-related updates recently, which includes replacing Chrome’s in-built password manager with the Google Password Manager, in effort to make users’ passwords more accessible across various platforms. It now also adds an extra notes field for each of your entries, allowing you to manually put in extra information related to a credential.