Google Authenticator finally allows cloud backups for emergency codes this week. With this feature there is no more worry about the account being locked forever because the device with the Authenticator is lost or damaged and the emergency code is not saved. While this feature of syncing Authenticators to multiple devices is useful, it also creates new security issues.
At this time Authenticator does not support end-to-end encryption (E2EE) for the reason of avoiding account lockout if the backed up data cannot be accessed. In a tweet sent by Christiaan Brand, who is a product manager at Google – there are plans to provide E2EE on Authenticator in the future. Currently E2EE is supported on some of their other products.
This is an issue regarding encryption and security systems. To be truly safe a strict system needs to be used. But this also causes if the security code is lost, the process of getting all the accounts will be impossible because it is only known to the owner of the account.
Tags
APPS & GAMES