The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) to the cloud.

“This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security,” Google’s Christiaan Brand said.

The update, which also brings a new icon to the two-factor authenticator (2FA) app, finally brings it in line with Apple’s iCloud Keychain and addresses a long-standing complaint that it’s tied to the device on which it’s installed, making it a hassle when switching between phones.

Even worse, as Google puts it, users who lose access to their devices completely “lost their ability to sign in to any service on which they’d set up 2FA using Authenticator.”

The cloud sync feature is optional, meaning users can opt to use the Authenticator app without linking it to a Google account.

Whatever your business, however big or small it is, you will receive phishing attacks at some point. Think about how you will help your staff understand the threat and how to spot phishing. As with other advice, give them the tools to defend against it in their personal lives and they will bring that behaviour back to work. Let The Cloud Consultancy secure your business.

That said, it’s always worth keeping in mind the pitfalls associated with cloud backups, as a malicious actor with access to a Google account could leverage it to break into other online services.

The development comes days after Swiss privacy-focused company Proton, which surpassed 100 million active accounts last week, unveiled an end-to-end encrypted password manager solution called Proton Pass.

The open source and publicly auditable tool, which makes use of the bcrypt password hashing function and a hardened version of the Secure Remote Password (SRP) protocol for authentication, also comes with 2FA integration.

Source: The Hacker News   By: Ravie Lakshmanan