iOS users are being warned to not update to the latest version of the Google Authenticator app. The reason for this is that a bug in the latest version of Google Authenticator for iOS will wipe the existing MFA (Multi-factor authentication) codes from the device when upgrading to the latest version, effectively blocking access to sites that require 2-step-authentication.
Warning! The iOS @google Authenticator 2.0.0 update removes all existing tokens on installation. Really inconvenient!
— Alec Edworthy (@alecedworthy) September 4, 2013
Finally get a Google authenticator update for iOS… updating deleted all my accounts. Marvellous!
— Jake Stubbs (@JakeStubbz) September 4, 2013
Damn it! The google #authenticator update wiped all of my codes. Any ideas out there?
— Alexrrr (@Alexrrr) September 4, 2013
Google is aware of this issue and is currently working on a fix that will hopefully allow iOS users to update the authenticator app whilst preserving the existing MFA tokens. People who have upgraded to the latest version of Google Authenticator and have had their codes wiped are being advised to use their backup codes should they have made them. Annoyingly, Google haven’t announced anything regarding this issue, or any updates on when a fix will be coming. If I find anything useful I will post.
In the meantime, here are some useful articles/pages that may help gaining access to certain sites if you are an affected users:
- Dropbox – What do I do if I lost my phone or can’t sign in using two-step verification?
- Google – My phone was lost or stolen
- AWS (Amazon Web Services) – Link to seek assistance from the AWS team regarding this issue.
[Update] The app has now been removed from the app store and will be replaced as soon as Google have fixed the issue.