Google Authenticator update fixes the biggest pain of 2-factor security

Chris Davies - Dec 3, 2020, 11:43am CST
Google Authenticator update fixes the biggest pain of 2-factor security

As anybody even vaguely internet-savvy knows, you can never really have too much security for your accounts. Hacks are increasing in number, but even though options like two-factor authentication (also known as 2FA) are often available, there’s one big reason people might not turn them on. Now, Google Authenticator is addressing it.

What is 2 Factor Authentication?-

Two-factor authentication sits alongside your – hopefully strong – password, rather than replacing it. The idea is that, in addition to something you know, such as a password, you also demonstrate you are who you say you are with something you have.

That’s usually a device, such as a smartphone or a USB dongle, which either generates a code or needs to be inserted into the computer to prove you’re you. One of the most popular apps for that is Google Authenticator, available for Android and iOS. Once set up correctly with 2FA-compatible accounts, it generates a six-digit number every 30 seconds. If you don’t have the code number that the account you’re logging into expects, you don’t get access.

It means that, if someone hacks or guesses your password, they’re still much less likely to get into your account because they probably don’t have your phone with the authenticator app loaded on it. The downside, however, comes when it’s time to change your phone.

Google Authenticator adds 2FA migration

By design, two-factor authentication codes aren’t made to automatically synchronize when you backup an old phone and restore that data to a new one. That typically means you have to manually transfer your 2FA settings over to a new phone when you upgrade: if you switched from an older iPhone to a new iPhone 12, for example, you’d need to migrate the two-factor authenticator settings across in order to retain easy access to your accounts.

Google Authenticator hasn’t traditionally made that easy. Indeed, if you’ve wanted to migrate, that’s basically been a manual process: logging into the security settings of each account and going back through the 2FA process. That typically generates a QR code which you scan in the app to register it.

This week, however, there’s an update. The new Google Authenticator – updated for Android and iOS – allows you to export your registered two-factor accounts. From the accounts view, tap the overflow button in the top-right corner and then choose “Export Accounts.” There’s the option to select which accounts you want to switch over, or you can select all of them.

On your new device, meanwhile, once you have the latest version of Google Authenticator installed, you can choose “Import existing accounts” and then scan in a QR code to transfer them.

As anybody who has moved between phones recently knows, the more two-factor authentication you rely on, the more tedious that process can be. Google Authenticator isn’t the only 2FA app out there – and some already offer account exports, too – but it’s definitely one of the most popular and straightforward (not to mention, free). And, as security researchers know all too well, the easier you can make it for people to use higher levels of protection for their accounts, the less likely they are to get hacked.

Updated to clarify that codes can be generated by multiple active devices, though security expects recommend as few devices as is feasible.


Must Read Bits & Bytes