How to Finally Use Google Authenticator Without a Phone
Since its inception, Google Authenticator has been a popular choice for generating two-factor authentication codes on the fly. The service is reliable and secure, but it has always had one major problem: the inability to sync authentication codes between devices, which puts you at risk of losing access to all your 2FA accounts.
You could transfer these codes, but the process was long, tedious, and often unreliable. The biggest risk was if your phone was even stolen or if you gave it away before handing over authentication apps . You’d better hope all those backup codes are kept somewhere safe so you can go through the whole system setup process again. It’s tedious if you have dozens (or hundreds) of secure accounts, and a disaster if you don’t have backup codes.
This issue was the main reason why Google Authenticator never made it to the top of our best 2FA apps list . But now Google has taken the first step in the right direction by enabling account sync for all codes by default.
How Google Authenticator Account Sync Works
After updating the Authenticator app on Android or iOS, you’ll see a brand new app icon and a green cloud icon in the top right corner. This tells you that account sync is enabled and you can finally add as many 2FA codes as you want to the Authenticator without worrying about losing access. (However, we still recommend keeping backup codes in a secure password manager like Bitwarden .)
This change, of course, is great for convenience, but not the best news for full-fledged protection. If someone manages to sign into your Google account, they now have access to all of your one-time passwords. Google is aware of this and is making this feature optional. If you want the accounts to be local to the device, you can click the “Profile” icon and select ” Use non-account authenticator “.
There is some work that Google can do in this area. They can learn from the Authy app, one of the first 2FA apps. Authy offers account syncing but requires a unique password for 2FA account recovery and has a toggle to remove other devices from syncing.
All said and done, Authenticator has become a great alternative for Android users. If you’re in the Apple ecosystem, you can also use iCloud Keychain to store and sync 2FA codes .
[ Scalable ]