One of the most effective ways to stop your online accounts from being hacked is to turn on two-factor authentication. The security measure, often known as 2FA or multifactor authentication, requires you to enter a numerical code in addition to your username and password. So even if someone gets your password, they can’t break into your account without having your sign-in code too.
For years, security experts have recommended using authentication apps to generate these codes. All you have to do is scan a QR code for the service you want to turn 2FA on for, and the app will generate a new log-in code around every 30 seconds. This week, Google has given its 2FA app, Google Authenticator, a much-needed overhaul.
Google redesigned Authenticator, making it less clunky, and in the process added one potentially handy new tool: the ability to sync your sign-in codes to your Google account and to different phones and tablets. This essentially means your instagram, Gmail, or Reddit 2FA codes—plus, all the other accounts you have it turned on for—will be backed up. The tweak makes it far less burdensome to switch devices if your phone with 2FA codes stored on it is lost or stolen—and it can even save you from being locked out of some accounts entirely.
“Since one-time codes in Authenticator were only stored on a single device, a loss of that device meant that users lost their ability to sign in to any service on which they’d set up 2FA using Authenticator,” Christiaan Brand, a group product manager at Google, wrote in a blog post announcing the change. Brand says the sync feature has been one of the most requested since the Authenticator app was released in 2010. “This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security.”
Syncing your Google Authenticator codes now happens through your Google account—the feature is available on the latest iOS and android versions of Google’s app. Authenticator gives you the option to use the app with your Google login, and if you select this option, your Google profile will show in the top right corner of the app, next to a sync icon. When I downloaded Authenticator on my iPad after setting up sync on my phone, the codes appeared once I had logged in. There is also the option to keep using Google Authenticator without logging in to a Google account.
Jake Moore, global security advisor at security firm ESET, says he has previously been locked out of an authenticator app and knows the frustrations that come with trying to log back in to all your accounts when you don’t have access to your sign-in codes. “Upgrading a phone has been made easier over the years with cloud storage, but authenticating apps have been slow to the party and held back reservedly on security,” Moore says.