Trusted

Concerns Raised Over New Google 2-Factor Authentication

2 mins
Updated by Ali Martinez
Join our Trading Community on Telegram

In Brief

  • Google's Authenticator app has a new update that allows for the backup of one-time codes.
  • Critics have raised concerns about cloud synchronization and potential security risks.
  • Adding to concerns, the traffic during sync between devices is also unencrypted.
  • promo

Crypto traders are growing alarmed about a new Google 2-factor authenticator app update. Critics say it puts your crypto at risk.

Google has recently released an update to its Authenticator app. Its product, used for 2-factor authentication (2FA) across various sites and services, is one of the most popular on the market. 

Crypto Holders React to New Google 2-Factor Authentication

The update allows for the safe backup of one-time codes (OTPs) to a user’s Google account. This addresses a long-standing issue with the app where a loss of the device with the Authenticator installed would mean the loss of access to all 2FA-enabled services. 

However, a second concern has been raised by two cybersecurity experts. The traffic during sync between devices is not encrypted. This allows Google to view the secrets and seeds stored on their servers.

Google 2-Factor Authenticator Exposed
Google Authenticator Exposed. Source: Mysk

If there’s a data breach or someone gains access to the Google account, all 2FA secrets could be compromised. Google can also see which online services users use, which could be used for personalized ads.

While this update may strike some as a convenience, it has also raised concerns about cloud synchronization and the potential for increased security risks.

Many crypto exchanges will require users to set up 2FA to access their accounts or withdraw funds. Digital wallet providers may also require users to use 2FA to access their wallets or to send funds.

The Issue: OTP Cloud Storage

The primary concern is that the update makes it easier for hackers to access 2FA-enabled services.

Since the OTPs are now stored in a user’s Google account, a hacker who gains access to the account could potentially access all services using Google’s 2-factor Authenticator app.

While using strong passwords and other security measures can mitigate the risk, it is still a cause for concern.

Google has noted that this feature is optional and can be turned off if users prefer not to use cloud synchronization. Additionally, users can have a separate device for their authentication app, with no other apps or data stored on it. This will also help curb your security risk.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Frame-2298.png
Josh Adams
Josh is a reporter at BeInCrypto. He first worked as a journalist over a decade ago, initially covering music before moving into politics and current affairs. Josh first owned Bitcoin in 2014 and has followed the space ever since. He is particularly interested in Web3 adoption, policy and regulation, CBDCs, privacy, and the future of the metaverse.
READ FULL BIO
Sponsored
Sponsored