Credit: Joe Hindy / Android Authority
- Google rolled out a new feature for its Authenticator app that syncs the app across devices.
- Security researchers found that the new feature doesn’t have end-to-end encryption.
- The researchers recommend avoiding the feature for now.
Earlier this week, Google introduced a new feature to its 2FA Authenticator app. The new feature allows the app to sync to a Google account, allowing Google Authenticator codes to be used on different devices. Now security researchers are saying to avoid the feature for now.
On Twitter, security researchers at the software company Mysk revealed that they tested the Authenticator app’s new feature. After analyzing the network traffic when the app syncs to another device, they found the traffic was not end-to-end encrypted.