At the beginning of the week, we told you that finally Google Authenticator offers the possibility to use the cloud to share our “keys” to access the services we have configured in it on different devices. It assumes that a huge improvement in an enterprise key management solution, 2FA, you know, a security system that enforces an access password with a unique login code that must be used in addition to the password. Many services offer different alternatives to this unique key, of which receiving an SMS message is the most popular, but certainly not the most secure.

If you haven’t used Google Authenticator, Authy or similar apps before its operation is quite simple. It is enough to indicate in the service that you want to protect with this system that you will use 2FA (of course the service in question must support it), indicate that you will use an application of this type, scan the BIDI from it and automatically the application will start generating temporary random codes. So when you want to access the service, you just need to enter your login information and in the second step also write the current password that you see in the application.

The problem with these apps is that if you lose access to them… you also lose access to all the sites where you need to use the temporary keys they generate. However, with the cloud synchronization that Google Authenticator has been offering since the beginning of the week, this risk is significantly reduced, because if you lose access on one device, if you have configured it on another, you will still have access to temporary codes. So that’s great news, but it wasn’t so great when it became known that v In this first implementation of the feature, Google Authenticator Cloud Sync does not use end-to-end encryption.

However, this will change in the future because, as we can read in The Verge, Google plans to add end-to-end encryption to Authenticatorand confirms it based on several reports from Christiaan Brand, a Google product manager. However, there is no specific date at the moment (or at least this has not been released), so we may have to wait for a while, but it is comforting to know that its implementation is on the company’s to-do list.

In the current situation, there are many users who prefer not to use Google Authenticator cloud sync, which is more than understandable. And in response to these caveats, the application continues to allow its use in the traditional way, that is, the information is kept exclusively local and therefore never passes through Google’s servers.