Google has updated its Google Authenticator app for Android and iOS to add the ability to sync accounts, allowing users to back up their time-based one-time passwords (TOTP) to the cloud. This should help in cases where people lose their devices and need to access old Authenticator data and app-secured accounts.
The Authenticator app is a popular and more secure alternative to two-factor authentication (2FA) than SMS and email. However, one of its biggest drawbacks has been the lack of backup of 2FA one-time codes, as well as the lack of multi-device support.
Therefore, if a user lost their device or lost access to it, they were deprived of access to all accounts protected by this 2FA method, and restoring access became very difficult or impossible. It was also impossible to add 2FA codes to multiple devices without a cloud backup.
Google has now released a new version of the Authenticator app, prompting users to sign in to their Google account and sync 2FA codes with that account. Two-factor authentication must be enabled for the Google account itself, as this will reduce the likelihood of unauthorized access to backups.
The updated version of the app is already available for iOS users, and is rolling out gradually to Android users. If you don’t see Google Authenticator 6.0 in the official store yet, you’ll have to wait a bit.
