Woah! Read this before you update the Google Authenticator app on your iPhone

Graham Cluley
Graham Cluley
@[email protected]

Google AuthenticatorGoogle has updated Google Authentictor, its iOS app for managing two factor authentication codes for accessing accounts.

But if you install the app onto your iPhone or iPad, you’ll find it wipes out all of your existing account information.

What does that mean? Well, next time you try to log into a website or service that you have set up to require a two factor authentication code from Google Authenticator, you’ll find that the app isn’t creating a code for you as it is has wiped all of your tokens, and is no longer connected with your online services.

In short, you’re locked out. All because you updated Google Authenticator.

Sign up to our free newsletter.
Security news, advice, and tips.

Users will have to try to access their accounts via a different methods (lets hope you registered a backup device for this kind of emergency) to setup Google Authenticator with their accounts again.

What a pain. Did Google do no quality assurance on this update?

Google Authenticator

Curiously, the Android version of Google Authenticator appears to be unaffected.

Bugs like this certainly aren’t going to do any favours when it comes to encouraging more people to adopt two factor authentication for better security.

My advice is to hold off updating Google Authenticator until Google sorts this mess out, something that The Next Web reports the firm is already working on.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “Woah! Read this before you update the Google Authenticator app on your iPhone”

  1. Joseph Ghammashi

    Kind of makes you think twice about having iOS 7 automatically download and install updates.

  2. If you're looking for a replacement for Google's Authenticator app, check out Duo Security's mobile application. It supports everything Google's does (including TOTP-based services) but is actually a first-tier app and not an after thought like Google's offering. Some details are over at http://guide.duosecurity.com/third-party-accounts — it even supports iOS 7 properly, too!

  3. Agent V.

    My tokens were nuked last night due to this issue. Fortunately I had back up methods to restore access to my accounts and have already restored access to all my accounts.

    I do hope the "fix" doesn't nuke my efforts this morning!

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.