Why do we discourage using Google Authenticator for 2FA?

Modified on Wed, 15 Oct at 11:04 AM

Until now, the Google Authenticator app stored OTPs only on the primary device.
This meant that if a user lost access to their device, they wouldn’t be able to access any of their accounts secured with the 2FA mechanism.

Now, a new feature lets users back up their 2FA codes to the cloud, which allows them to access the codes from other devices.


Note: This new app update is not available on all Android and iOS devices yet.

What are the security concerns?

Unfortunately, Google has not implemented end-to-end encryption for the codes uploaded to their cloud servers, which makes them susceptible to hackers during sync.
Moreover, if hackers gain access to your Gmail account, they could also access all the one-time codes associated with your accounts.

Our Recommendation

To safeguard your accounts, we strongly recommend that users do not enable the Google Cloud sync feature for their Delta Exchange 2FA.
Although convenience is important, the security of digital assets should always take precedence.

For users who have already enabled the 2FA code cloud sync, we suggest disabling this by following the steps below.

How to disable Google Authenticator sync feature

With the new update, Google sort of pushes the syncing feature, so you may find yourself logged in with a Google Account. Fortunately, that’s easy to reverse.

Steps:

  1. On your device, open the Google Authenticator app.

  2. Tap your profile photo.

  3. Tap Use without an account.

  4. Tap Continue.
