Google Authenticator, the widely used two-factor authentication app, now allows users to sync their one-time codes in the cloud. This update aims to make it easier for users to switch between devices without losing their authentication data.
The update was announced today via the
Google Security Blog and it affects both the iOS and Android app. Previously, users had to manually transfer their codes from one device to another or disable and re-enable two-factor authentication when switching devices. This process could be cumbersome, especially for users who frequently switch between devices, replace their phones, or had their device stolen.
One major piece of feedback we’ve heard from users over the years was the complexity in dealing with lost or stolen devices that had Google Authenticator installed. Since one time codes in Authenticator were only stored on a single device, a loss of that device meant that users lost their ability to sign in to any service on which they’d set up 2FA using Authenticator.
The new cloud sync feature will automatically store users’ authentication data in the cloud, allowing them to access it from any device with the Google Authenticator app installed. To enable Google Account synchronization in Google Authenticator, users will need to open the app, tap the menu icon, select “Settings” and tap “Backup to Google Account,” then follow the on-screen instructions to sign in to their Google Account and enable backup.
Once backup is enabled, one-time codes will be stored securely in the users’ Google Account, so if their device is lost or stolen, they can be restored simply by signing in on a new device and requesting to “Restore codes.”
Google explains that with this update the company is making one-time codes more resilient by securely keeping them in users’ Google Accounts, improving user lockout protection and allowing services to rely on users maintaining access, which boosts convenience and security.
Google has long promoted a number of methods for safe authentication across the web in addition to one-time codes from Authenticator, such as Google Password Manager and “Sign in with Google” options across the web. Additionally, Google has been collaborating with the FIDO Alliance to facilitate the move to using passkeys, instead of passwords, which will provide users with even more practical and secure authentication options.
