Security Risk: please check your Google Authenticator App
- 3 minute read
The Google Authenticator app has undergone recent updates, which unfortunately may pose security risks for your Anycoin Direct account. To safeguard your account, it is essential to understand the potential risks and take precautions should you decide to do so.
What changes did Google make?
Google has introduced a new feature that allows the synchronization of devices with each other. When this feature is enabled, Google stores your 2FA code (2-factor authentication) in the Google Cloud. The advantage of this is that users can easily regain access to their Google account if they lose the device with the Authenticator app. The downside is that it creates a ‘backdoor’ to your 2FA codes.
To ensure the security of your Anycoin Direct account, we recommend against enabling the Google Cloud sync feature for the Authenticator app
If you have already enabled it, you can easily disable the feature by following these steps:
- Open the Google Authenticator app on your phone;
- Select your profile;
- Select ‘Use without an account’;
- Tap 'Continue'.
You have now successfully disabled the Google Cloud sync and can use the Google Authenticator app safely.
Why could syncing with Google Cloud be risky?
Let’s say someone gains unauthorized access to your Google login credentials, such as through a data breach. In such a scenario, the intruder would not only gain access to your Google account but also obtain your 2FA codes. If the hacker also knows your Anycoin Direct account password, they can potentially gain access to your Anycoin Direct account. Of course, the decision is ultimately yours and is between convenience (when losing your device) and security (potential backdoor).