Woah! Read this before you update the Google Authenticator app on your iPhone

Graham Cluley
Graham Cluley
@[email protected]

Google Authenticator Google has updated Google Authentictor, its iOS app for managing two factor authentication codes for accessing accounts.

But if you install the app onto your iPhone or iPad, you’ll find it wipes out all of your existing account information.

What does that mean? Well, next time you try to log into a website or service that you have set up to require a two factor authentication code from Google Authenticator, you’ll find that the app isn’t creating a code for you as it is has wiped all of your tokens, and is no longer connected with your online services.

In short, you’re locked out. All because you updated Google Authenticator.

Sign up to our free newsletter.
Security news, advice, and tips.

Users will have to try to access their accounts via a different methods (lets hope you registered a backup device for this kind of emergency) to setup Google Authenticator with their accounts again.

What a pain. Did Google do no quality assurance on this update?

Google Authenticator

Curiously, the Android version of Google Authenticator appears to be unaffected.

Bugs like this certainly aren’t going to do any favours when it comes to encouraging more people to adopt two factor authentication for better security.

My advice is to hold off updating Google Authenticator until Google sorts this mess out, something that The Next Web reports the firm is already working on.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

3 comments on “Woah! Read this before you update the Google Authenticator app on your iPhone”

  1. Joseph Ghammashi

    Kind of makes you think twice about having iOS 7 automatically download and install updates.

  2. If you're looking for a replacement for Google's Authenticator app, check out Duo Security's mobile application. It supports everything Google's does (including TOTP-based services) but is actually a first-tier app and not an after thought like Google's offering. Some details are over at http://guide.duosecurity.com/third-party-accounts — it even supports iOS 7 properly, too!

  3. Agent V.

    My tokens were nuked last night due to this issue. Fortunately I had back up methods to restore access to my accounts and have already restored access to all my accounts.

    I do hope the "fix" doesn't nuke my efforts this morning!

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.