Google Updates Authenticator App Ahead of iOS 15's Upcoming Built-in Code Generator

[MacRumors]

Google has updated its 2FA Authenticator app for iOS with a new privacy feature that lets users require Face ID or Touch ID before displaying two-factor account authentication codes.

Previously, fingerprint or facial authentication was only required when exporting accounts. Now though, upon activating Google's Privacy Screen feature in v3.2.0 of the app, Face ID or Touch ID is needed in order to show newly generated codes.

The authentication requirement can be set to show immediately, after 10 seconds, 1 minute, or 10 minutes. In addition, Google has added a search bar to the top of the app interface to let users search for accounts.

Google Authenticator's previous update introduced a dark mode and the aforementioned account transfer feature. However, the latest improvements are likely to be seen by many Apple device users as verging on the redundant, following the news earlier this month that iOS 15 will include a built-in password authenticator.

When Apple releases iOS 15 in the fall, iPhone and iPad users will be able to natively generate 2FA verification codes for additional sign-in security, so there will be no need for a separate app.

Apple says that you'll be able to set up verification codes under Passwords in the Settings app. And once set up, the codes will autofill when you sign into a site, making the use of two-factor authentication a more streamlined experience than using a third-party method. This feature will be available on ‌iOS 15‌, iPadOS 15, and macOS Monterey.

Article Link: Google Updates Authenticator App Ahead of iOS 15's Upcoming Built-in Code Generator

 

[cube4ever]

I wonder how easy it'll be to migrate from, say, Authy to the native 2FA app.

 

[peterh988]

I wonder how easy it'll be to migrate from, say, Authy to the native 2FA app.

Yep, I was wondering if it would be possible to do a seamless switch. Hope so.

 

[coolfactor]

Being able to search is a super-useful feature that's long overdue! I have like 30 codes and constantly scrolling through the list to find the one that I want.

 

[coolfactor]

I wonder how easy it'll be to migrate from, say, Authy to the native 2FA app.

There's no way. You need to:

• Disable 2FA using the old app.
• Re-enable 2FA using the new app.

The generated codes are tied to your unique hardware, and each app will use a different algorithm.

If the codes were transferrable, that would make them far less secure. Someone could steal your "profile" and have working codes for all of your accounts on their device. But instead, your device is the only one that will generate the correct codes. That's why it's secure.

 

[psuchari]

There's no way. You need to:

• Disable 2FA using the old app.
• Re-enable 2FA using the new app.

The generated codes are tied to your unique hardware, and each app will use a different algorithm.

If the codes were transferrable, that would make them far less secure. Someone could steal your "profile" and have working codes for all of your accounts on their device. But instead, your device is the only one that will generate the correct codes. That's why it's secure.

Not really. It’s just the seed key and time based. If you saved the QR code when you set up the account, you can readd it

 

[jgbr]

because some of us want a fully independent 2FA app, that we can do a lot more with, in an application not buried or inherently tied to one browser or system.?

 

[Marshall73]

Why wouldn’t Google update their app? Seems a bit of a clickbait title.

 

[arvinsim]

Why is this news?

 

[Pezimak]

Why wouldn’t Google update their app? Seems a bit of a clickbait title.

I have to say I thought that too? I presume Android users use it, and it's not as though users of the app like myself are suddenly going to ditch it and use anything Apple comes up with. Why go through the hassle when Google's works perfectly fine?

 

[W2u7Yw4HaD]

Sorry, Google, after years of use, I moved over to the Lastpass auth app... It has backup at least which was always a danger with this app... While it would be nice for lastpass auth app to work and push the codes as they claim (almost never works!) at least I can copy and paste using handoff between iPhone and mac for example.. Happy to drop it for something better for sure..

 

[cupcakes2000]

What a weird headline. Just because Apple introduce something everyone should stop updating similar software? Talk about trying to create a story out of nothing. Clickbait or what. Say it for what it is:
FRONT PAGE NEWS - GOOGLE UPDATES APP.

 

[iHorseHead]

I'm surprised by the comments here.
I personally use Google Authenticator, because of work and I dearly hope it'll continue working.

 

[jgbr]

It’s a little fan boyish to think that just because Apple has done soemthing that everything else is now outdated and irrelevant [not even officially released or fully tested yet]. Other 2FA apps have way more capability and probably security to some degree.

 

[Wildkraut]

Who the hell is crazy enough to trade nice working cross platform solutions for a trapped B$, not I.
I'll keep using Authy and Yubikeys, no space for Apple.

 

[koil]

because some of us want a fully independent 2FA app, that we can do a lot more with, in an application not buried or inherently tied to one browser or system.?

If Apple were consumer-focused here they would have built this into the password manager APIs, allowing third party solutions like 1Password, Google Authenticator, or LastPass to use it.

This implementation, to me, just reads as more vendor lock-in disguised as functionality. I have no doubt it works great, but some people who needs to use 2FA a bunch for work don't always have the luxury of using an Apple-only solution.

 

[coffeeboat]

No one should be using Google Authenticator tbh. It doesn't backup your keys at all. Even if you backup all the data on your phone, e.g. via iCloud.

So if you accidentally drop your phone and have to send it off for repair, you'll lose access to all of your accounts. It's not too much of a problem if you kept all the recovery keys, but I'm betting the average user will either end up losing those or not bothering to save them in the first place.

If you use Google Authenticator please - make sure you have your recovery keys printed out, or just move to Authy which does backup your auth codes. You may be able to tell I'm speaking from experience...

 

[cupcakes2000]

If Apple were consumer-focused here they would have built this into the password manager APIs, allowing third party solutions like 1Password, Google Authenticator, or LastPass to use it.

This implementation, to me, just reads as more vendor lock-in disguised as functionality. I have no doubt it works great, but some people who needs to use 2FA a bunch for work don't always have the luxury of using an Apple-only solution.

Luckily for you, me and many others here, we have the choice of almost anything we want, and/or a combination of solutions. I myself use Strongbox/Keepass and let iCloud save the less sensitive stuff.
BUT, there are plenty of people with just apple stuff, and even more people with just an iphone and nothing else. Apples solution is barebones (a bit less so with the TTOP options now), but its simple, secure and brings default password management to the masses who have never cared about this stuff.

 

[duanepatrick]

I suppose Google will also release their Android 12 ahead of iOS 15

 

[singularity0993]

I sense antitrust lawsuits incoming…

 

[Stella]

No one should be using Google Authenticator tbh. It doesn't backup your keys at all. Even if you backup all the data on your phone, e.g. via iCloud.

<snip rest>

When you create a 2FA code, you are supposed to keep a record of the unique codes / recovery codes, or better, the QR code. If you do that, your good. Google Authenticator doesn't need a backup option.

 

[slplss]

Clickbait or what. Say it for what it is:
FRONT PAGE NEWS - GOOGLE UPDATES APP.

”(intro boosted to 500%) ’Sup guys, (subscribe and smash that alarm bell) this is FPN, Ef-(YT Ad 1)-Pi: En, Fah Pah Nah (insert fart joke) in to-(YT Ad 2)-day’s news (VPN sponsor time) Google (awkward joke) updates (awkward stare, minute of silence) app (rolls 500% boosted outro).
I’d be a good tuber.

 

[atax4667]

I really feel like Authy is a turn key solution already in place. Will be curious to see how Apple implements it, we haven't actually seen it in action in iOS DB 1 yet have we?

 

[DaveTheRave]

Why wouldn’t Google update their app? Seems a bit of a clickbait title.

Because years ago Google's app was the go-to for 2FA. And then it stagnated - no cloud backup or multi-device support, which is a pain if you change phones. And the labeling of the codes was limited, too. So I dumped Google and moved over to Authy. Now I can get my 2FA on multiple devices and adding to one syncs to others, too.

Now that Apple is going to make 2FA more mainstream, it seems that Google is finally starting to innovate again. Its great what competition can do!

 

[xmagicx]

I am using it already and its great. I mean the 2FA in passwords..