In the future, Google can also save one-time codes generated by the authenticator in the Google account. Previously, you had a problem if you lost your smartphone and the app. The one-time codes for two-factor authentication were then also simply gone. As Google now announces in a blog post, the one-time codes are still securely stored, but in a different location.
The feature comes with a recent update of the Authenticator app. The service can then be linked to your own Google account. However, it is not a must, you can continue to use the app independently without synchronization. The authenticator is available for iOS and Android.
Two-factor authentication in different ways
Google writes in blog post also that one continues to work on a future without passwords – but authentication codes are still an important part of security on the Internet. “The registration process is the front door to personal information. At the same time, it is the primary gateway for risks that are particularly worthy of protection,” explains the company. The authenticator has been available as a second factor for websites since 2010.
But there is also the Google Password Manager, which saves passwords, and “Sign in with Google”, a single sign-on service that allows you to log in to other applications with your Google credentials. When logging in with a new device, a warning appears. Google recognizes passwords that become known during a security incident and also warns users.
In addition, Google works together with other companies in the Fido Alliance. This association is about open and license-free industry standards for authentication on the Internet using passkeys. FIDO stands for Fast Identity Online Alliance. The companies also include Paypal, Alibaba Group, Mastercard, Microsoft, Qualcomm and many more.
In principle, two-factor authentication is now mandatory for all Google services. This should increase security. You don’t have to use the authenticator app, the smartphone itself can also serve as a second factor. There are also numerous other services that generate so-called TOTPs – these are time-based one-time passwords.
also read
(emw)