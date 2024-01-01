We all know that the first step to securing our digital lives is to have good, strong passwords, all while avoiding using just one that you rely on for every device or account you log into. To help with that, there are plenty of excellent password managers out there to keep all of your passwords locked up and safe from prying eyes, even helping to create passwords for you while keeping them organized and searchable. The next step in keeping your online presence under lock and key is to use two-factor authentication (2FA) on top of a good password.

Thankfully, there are some really great 2FA apps out there to help with that process, too. For me, that app has always been Google Authenticator — it seemed natural to go with that app considering how deeply integrated I am into the Google ecosystem. Though I know I need to have 2FA on my accounts for security, every time I've entered a code, retrieving it from the app was mostly a minor annoyance. That changed in April 2023, and not for the better.

Convenience and security have taken a backseat

The Google Authenticator app still works and does what it is supposed to do — at least, for the most part. But it kind of did it better before Google finally gave the essential app the feature it dreadfully needed in April 2023. See, one of the biggest issues I and many others had with Google's 2FA app was that all the accounts associated with the app were stored locally on the device. That's good. Unfortunately, if you were to lose your phone or it was damaged, you don't have access to your codes, anywhere. That's where the long-awaited update to Google Authenticator was meant to finally save us from the headache of losing access to our 2FA codes.

In short, that April 2023 update brought cloud backups for all those important 2FA codes. So if you were to lose, break, or get a new phone, all you need to do is log into your Google account, and the Authenticator app will load up all your codes and accounts. Huzzah! Well, so we thought. While the part of backing up the codes does work, if you had multiple devices with the Google Authenticator app when the update hit, when you tapped on the updated app logo to view your codes, you were welcomed with duplicates of each account. To make matters worse, the backups weren't even encrypted.

Google makes Android, Google Authenticator, and a pretty good search engine. But the Authenticator app is full of duplicates and isn't searchable.

Google makes the operating system that runs on many of the best phones in the world and also happens to own the top search engine. Not to mention the massive server farms handling all the cloud-based systems for the company. So, why is one of the most important apps a person has on their phone, the one that helps secure accounts, not offering the ability to search for 2FA accounts in its app or easily manage the accounts within?

Perhaps Google is just providing the bare minimum of an app because it plans to replace it at some point in favor of a passkey locker, or to participate in the company's favorite pastime just kill that app off entirely. But as it stands today, scrolling through the app and duplicate accounts within that are in no discernable order that can't be sorted, is a nightmare when you're trying to get logged into an account. Even worse, though, is when I do finally find the account I want, oftentimes the app will auto-reload and jump me back to the top of my list, or when I get to the account, it will change codes and not show the new one for a good ten seconds.

This could all be solved by allowing me to both search in the app and select accounts I want to delete or even hide. Looking at the app, I have over 100 accounts listed, when I really only have about 35. You can delete accounts one by one, but that takes forever, and since the app reloads mid-deletion, I have to go find my spot in the list again. Because of all these headaches, after years of use and trying to stick with it, I've moved onto Aegis to handle my 2FA for the time being. It's been great so far, as I can individually select the accounts I want to move from Google Authenticator, scan the QR codes, and bring everything into Aegis now. I can even sort, backup, and search for codes I want without any hassle.

Desperate need for prioritization

By making the act of using this app so frustrating, despite it being vital to better account security, there is a big risk that some people will give up and choose not to use 2FA at all. Regardless of how important proper account security is, if it isn't easy to manage, people just won't do it, and Google's name being on such a mediocre app makes matters even worse. I'm sure that for the vast majority of users, the large number of duplicate accounts in Google Authenticator isn't as much of an issue. But it should be one at all.

I understand and can deal with duplicates in my account after the transition to cloud backups, but not allowing simple clean-up options like deleting multiple accounts at once or even making a duplicate eraser option in the app is desperately needed. I'd even be willing to put up with all the duplicates if I could search and the app was more stable. But none of those things are true. Instead, it's a garbled mess that I have finally given up on and, for now, found an app that fixes all the issues I have with Google Authenticator.