Google Authenticator used to be a popular option for using two-factor authentication codes on mobile devices, but apps like Authy and 1Password are much better options now. Google is trying to change that by fixing Authenticator’s primary limitation.
Google Authenticator doesn’t support cloud synchronization, so setting up two-factor codes on multiple devices required scanning them with each device (though the codes can be migrated), and losing a device could be catastrophically bad. That limitation has led to alternatives like Authy, Microsoft Authenticator, and 1Password becoming more popular, all of which have additional features that are missing in Google’s app. Google also hasn’t worked on Authenticator much in recent years, with 2FA popup prompts now serving as the recommended option for most accounts.
Surprisingly, Google just announced an overhaul for Authenticator, complete with cloud syncronization support and a new icon. Two-factor codes are now backed up to your Google account, which the company says “means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security.” The app also has a completely new icon, ditching the vault-like design for a multi-colored asterisk. Personally, I liked the old icon better.
Cloud syncronization is definitely needed, especially in a world where phones can be easily lost or stolen, but Authenticator likely won’t be the most secure option. Google accounts are still based on passwords and any number of two-factor methods, including SMS-based 2FA, while alternatives like 1Password are testing no passwords at all.
You can download Google Authenticator 6.0 for iPhone and Android starting today. If you don’t see the update yet, it might still be rolling out.
Source: Google Security Blog