Crypto traders are growing alarmed about a new Google 2-factor authenticator app update. Critics say it puts your crypto at risk.
Google has recently released an update to its Authenticator app. Its product, used for 2-factor authentication (2FA) across various sites and services, is one of the most popular on the market.
Crypto Holders React to New Google 2-Factor Authentication
The update allows for the safe backup of one-time codes (OTPs) to a user’s Google account. This addresses a long-standing issue with the app where a loss of the device with the Authenticator installed would mean the loss of access to all 2FA-enabled services.
However, a second concern has been raised by two cybersecurity experts. The traffic during sync between devices is not encrypted. This allows Google to view the secrets and seeds stored on their servers.
If there’s a data breach or someone gains access to the Google account, all 2FA secrets could be compromised. Google can also see which online services users use, which could be used for personalized ads.
While this update may strike some as a convenience, it has also raised concerns about cloud synchronization and the potential for increased security risks.
Many crypto exchanges will require users to set up 2FA to access their accounts or withdraw funds. Digital wallet providers may also require users to use 2FA to access their wallets or to send funds.
The Issue: OTP Cloud Storage
The primary concern is that the update makes it easier for hackers to access 2FA-enabled services.
Since the OTPs are now stored in a user’s Google account, a hacker who gains access to the account could potentially access all services using Google’s 2-factor Authenticator app.
While using strong passwords and other security measures can mitigate the risk, it is still a cause for concern.
Google has noted that this feature is optional and can be turned off if users prefer not to use cloud synchronization. Additionally, users can have a separate device for their authentication app, with no other apps or data stored on it. This will also help curb your security risk.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.
Source: https://beincrypto.com/concerns-raised-googles-new-authenticator/