The search giant Google on Monday rolled out a major update for it 12 years old Authenticator app for Android and iOS with an account sync option that allows users to back up one-time passwords on a time basis (TOTP) code to the cloud.
“This change means users are better protected from lockouts and services can rely on users to maintain access, increasing convenience and security,” said Christiaan Brand of Google. said.
The update, which also brings a new icon to two-factor authenticator (2FA) apps, finally brings it into line with Apple. iCloud Keychain and overcame a longstanding complaint that it was related to the device it was installed on, making it a pain when switching between phones.
Even worse, as Google says, users who lose access to their devices completely “lose the ability to sign in to any service where they set up 2FA using Authenticator.”
The cloud sync feature is optional, meaning users can choose to use the Authenticator app without linking it to a Google account. Nonetheless, it is always necessary to remember about the pitfalls associated with cloud backup, as bad actors with access to Google accounts can exploit it to break into other online services.
The development comes days after Swiss privacy-focused company Proton went beyond 100 million active accounts last week, launched end-to-end encryption password manager so-called solution Proton Street.
Open source and publicly auditable tools, which utilise from bcrypt password hashing function and secure version of Password Remote Secure (SRP) protocol for authentication, also comes with 2FA integration.