Google Authenticator offers two-factor authentication (2FA) synchronized across your entire Google Account, but this approach raises a number of security issues. Here’s how to use Google Authenticator offline and disable synchronization with your Google Account.
The new Google Authenticator update
Google Authenticator is a tool for storing two-factor authentication codes. In the past, it was only available offline, which meant that users didn’t have to worry about malicious actors accessing these codes. Thanks to a recent update, Google Authenticator now extends to any device using your Google Account. The main problem this solves is the need to add a 2FA code to every device you own. Now, you can add a 2FA code on one device and see it synchronized to all the other Google Authenticator apps in your Google Account. Google has clarified, however, that this new feature is not end-to-end encrypted. This means that the risk of a malicious actor getting hold of your synchronized 2FA codes, while unlikely, is not zero.
How do I disable Google Authenticator’s synchronization function?
If you don’t want to take the risk, you can use Google Authenticator outside your Google Account. This disables synchronization and keeps your 2FA codes local only. With the new update, Google has pushed the synchronization feature, so you may find yourself logged in with a Google Account. Fortunately, this is easy to reverse:
- On your device, open the Google Authenticator app.
- Tap on your profile photo.
- Tap on “Use Authenticator without account”.
- Press “Continue”.