Google Authenticator iOS App Gains New Export Accounts Option

[MacRumors]

Google has updated its 2FA Authenticator app for iOS with a new account transfer feature that makes it much easier to transfer two-factor authentication codes to a new iPhone.

2FA adds an extra layer of security to your online accounts by requiring a randomly generated six-digit code after you've entered your password. Google's app generates codes for your accounts on the fly, but until now the process of transferring accounts to a new iPhone was time-consuming and involved multiple steps.

Thankfully, that's no longer the case, and you can now select which accounts to export by tapping the three dots in the top-right corner of the app and choosing Export accounts.

After you've chosen which accounts to export (you can export up to 10 accounts at a time), the Authenticator app will generate a QR code. Scan this code using the Authenticator app on your new device, and the chosen accounts will be automatically transferred.

In addition to 2FA export, the latest update to the app also adds a refreshed interface and Dark Mode support, which respects your systemwide settings.

Remember, if you buy a new iPhone to replace your existing one and you use the Google Authenticator app, you should transfer those accounts to your new phone as soon as possible, because without the 2FA codes close at hand, you could find yourself locked out of your online accounts.

Google Authenticator is a free download for ‌iPhone available on the App Store.‌ [Direct Link]

Article Link: Google Authenticator iOS App Gains New Export Accounts Option

 

[HQuest]

Too few, too late. Authy has taken the spot as a decent and easy to transfer 2FA application with a much better approach of using iCloud storage for backups and restore. Move along, Google - you had your time.

 

[Eddy Munn]

John Siracusa must be overjoyed!

 

[farewelwilliams]

dump google auth. just use 1pass. easy.

authy is a piece of crap too.

 

[MecPro]

I still use the app and have about 13 accounts I use monthly.

Other than that I use LastPass, so would like to combine the two.

 

[dylanhf]

Well that would have been useful... a week ago

 

[EllZ89]

Authy has had that (and more) for years.

 

[adrianlondon]

dump google auth. just use 1pass. easy.

authy is a piece of crap too.

I prefer bitwarden to 1password.

What's wrong with Authy? I've been using it for over a year and it's been flawless, and syncs between my devices.

 

[richinaus]

Well that would have been useful... a week ago

Yep - stuffed me up too

 

[krakenrelease]

What a joke. Microsoft Authenticator has an iCloud backup that can be restored.

 

[cambookpro]

dump google auth. just use 1pass. easy.

authy is a piece of crap too.

What do you find bad about Authy? Genuine question, I’m a happy user of it but wondering if there are even better solutions.

It’s great having my 2FA codes on my phone, watch and computer. Realise this may be a slight security trade-off if someone somehow gains access to one of my devices physically, but that’s not really why I use 2FA.

 

[Precursor]

Google Authenticator has never worked for me on multiple phones, multiple accounts. Does it really work for anybody??

 

[vgrindheim]

LastPass Authenticator works like a charm.

 

[whirldy]

Google Authenticator has never worked for me on multiple phones, multiple accounts. Does it really work for anybody??

Sadly, when multiple users (100,000s¿) experienced being “locked-out” of various logins that were “established” as 2FA via Google Authenticator (GA), and when they updated iOS or upgraded their iPhone, the GoogAuth app wouldn’t allow saved codes to work, thus, locking people out!!! ?

 

[farewelwilliams]

I prefer bitwarden to 1password.

What's wrong with Authy? I've been using it for over a year and it's been flawless, and syncs between my devices.

some sites that use authy will automatically link authy for you when you type in your phone number.

sometimes I just don't want Authy in the picture, but sites force you to use it.

 

[farewelwilliams]

What do you find bad about Authy? Genuine question, I’m a happy user of it but wondering if there are even better solutions.

It’s great having my 2FA codes on my phone, watch and computer. Realise this may be a slight security trade-off if someone somehow gains access to one of my devices physically, but that’s not really why I use 2FA.

some sites automatically link you to authy when you type in your phone. but when the time comes where i want to switch from authy to just using TOTP within 1password, i couldn't. for some reason, sites like twitch force you to use Authy even if you create a TOTP in 1Password.

 

[JimmyBanks6]

Google Authenticator has never worked for me on multiple phones, multiple accounts. Does it really work for anybody??

That means there is something wrong with the time setting/clock on your devices. Google auth is a simple time based algorithm.

The other theoretical culprit would be that the time setting/clock on every single server of every account you had was off. Which isn’t realistic.

 

[[AUT] Thomas]

lol... no person really using 2FA uses GA anymore...

For GA the ship has sailed long ago...

 

[ds2000]

Using OTP auth. The folders are damn nice and separate all the codes.

 

[Smigit]

Using OTP auth. The folders are damn nice and separate all the codes.

I was also going to recommend OTP Auth. Great app.

 

[DrV]

lol... no person really using 2FA uses GA anymore...

For GA the ship has sailed long ago...

I am just curious... What is wrong with GA from the security POV?

I understand GA is a PITA when changing devices (been there, done that, and now I have printouts of the QR codes in my safe ICE), but the other side of this is that the info is not on anyone’s server.

Another potential downside is the situation where someone has access to my non-locked phone as the app is not requesting any password or biometric id. But what is the use case where this is a real attack vector for 2FA?

I am not saying GA is the best possible solution in the market, but I’d like to understand the security model of these different authenticator apps.

 

[M.PaulCezanne]

Does anyone use Duo Mobile?

 

[Mr Magoo]

Using OTP auth. The folders are damn nice and separate all the codes.

Thanks for the tip. Looks like a nice Authenticator.

 

[BulkSlash]

About three weeks too late. I stupidly forgot about Google Authenticator when I wiped my old phone, luckily I always scanned 2FA codes into my iPad as well so I was able to go through the tedious process of disabling 2FA and generating new codes for all my accounts. I found the Microsoft Authenticator had iCloud backup and so moved all my codes into there and dumped the Google app.

It would be good if Apple could add 2FA support to the iCloud password manager. That way new codes could be autocompleted like passwords without having to go to an external app to copy and paste the code.

 

[[AUT] Thomas]

@DrV Security is not the problem in first place, but the fact that there many other 2FA Apps (the principle is really simple) that do a better job where GA fails at a very important part: backing up 2FA codes. IIRC they were not even backed up using iTunes because they are linked to some device S/N or even security chip.

Now while 2FA leads to elevated security it only does that as long as it's being used. If people get locked out because their GA failed to restore from backup they in the future tend to not activate 2FA anymore.

The conclusion is 2FA without a high level of usability will ultimately not be adopted by customers.

Printing the registration code is of course an option, but it's an unnecessary hassle. A 2FA AP should be able to somehow backup the codes on its own.
2FA codes, unlike private keys of certificate based authentication, are also not top secret, since they are literally a second factor... as such an export should have been possible from day 1.