Authenticator (Google Authenticator) For Creating And Managing Two-Factor Authentication (2FA) Codes On Various Platforms Such As Exchanges Concentrated, You Use
Google has recently released version 4.0 of this popular application for Android and iOS. In it, users can sync their two-factor verification codes with their Google account (Gmail). Previously, if a device was lost or destroyed and the user did not save their authenticator backup codes, their two-factor authentication codes would be virtually unrecoverable.
Recover your duality quickly. Now, with this feature, there is no need for authenticator backup codes that are provided before creating any two-factor verification code. If the user has synced his application with his user account, he can enter the verification codes by entering Gmail and password. In other words, two-factor codes can be tied to your Google account instead of the device.
Google notifications He said about the addition of this possibility:
Different services can count on maintaining users’ access, which means more convenience and security. This change means users will face fewer problems, like losing access to their codes. One of the main feedbacks we’ve received from users over the years is the complexity of dealing with lost or stolen devices with Google Authenticator installed.
Although Google believes that this change is for the benefit of users in terms of security, the security company SlowMist, which works in the field of blockchain, says that this greater convenience ultimately entails more security risks.
The experts of this collection, in a tweet, wrote:
If you use this method to recover your two-factor verification codes, your mailbox will be compromised. If your Gmail is hacked, access to your two-factor codes may also be stolen, which is a considerable risk. Pay attention to these risks.
Generally, paying attention to its security risks is better before deciding whether to use this new possibility or continue with the old method (note the backup codes).