Google Authenticator: a dangerous cloud backup?
Launched 12 years ago, Google Authenticator is an application that allows you to generate validation codes to connect to online accounts, without going through SMS codes that have become too easy to intercept. Available on android And iOSthis app is very useful for simplifying a security process that has become essential in the face of increasingly numerous malware specialized in this type of attack.
Why use Google Authenticator?
The application is very fast, allowing a secure connection to your favorite applications in seconds. Easy to configure, it can work on several devices (iPhone, Android, etc.) or platforms and even on a browser, via an extension. For more information, you can visit the support page from Google.
Google Authenticator becomes more fluid
With the growing importance of two-factor authentication (2FA), this application has become essential for many users. Except that, by changing laptops, many of them found themselves blocked from all the services on which Authenticator had been configured.
From now on, if you change your smartphone, once connected to your Google account, your 2FA access will be much easier. Thanks to the synchronization of your account via the Cloud, Authenticator will be configured as soon as it is launched on a new device. What facilitate the change of laptop but also the recovery of data in case of loss or theft.
A feature at risk?
Google Authenticator is therefore equipped with a new feature, cloud account synchronization, allowing the user to access their unique passwords from another device. Except that, according to a research team, this tool is not end-to-end secure. Worse, hacking a block of your credentials on Authenticator would be enough to recover all your 2FA codes as well as a large amount of login data.
This cloud account backup feature is optional. So, while waiting for Google to offer an improvement in the security of this function, another team recommends users to disable it. Although Google’s servers are generally secure, it’s best not to joke about the security of your data. This modification is already giving cold sweats to the “crypto bros” and we understand them…
The danger with Google’s new cloud backup for 2FA authenticatorhttps://t.co/UfYHnN4iFt
—John Morgan (@johnmorganFL) April 26, 2023
Google has planned to improve its end-to-end encryption for this synchronization service. So be patient, to benefit from optimal security, it will happen. In addition, this update also brings a new icon for the Google Authenticator application! That way, you will know when this new feature will be available on your device. At the editorial office, we are still waiting…