All articles tagged with #authenticator
Microsoft's Authenticator app will stop supporting passwords on August 1, shifting users to passkeys, which use biometric data or PINs for safer authentication. Users are advised to transition to passkeys or alternative password managers like Bitwarden or 1Password to securely store their passwords, as Microsoft will no longer support password storage or autofill features.
Microsoft is discontinuing the use of passwords in its Authenticator app starting August 1, shifting users to passkeys, a safer authentication method using biometrics or PINs. Users should prepare by setting up passkeys and choosing a new password manager, with recommendations including Bitwarden and 1Password, to enhance account security and transition smoothly from traditional passwords.
Microsoft will delete all saved passwords in its Authenticator app on August 1, urging users to export and migrate their passwords to other password managers or browsers, as part of a move to promote passkey technology and streamline security features.
Microsoft will stop supporting passwords in its Authenticator app starting next month, transitioning to passkeys which use biometric data or PINs for safer authentication. Users are advised to switch to passkeys or alternative password managers like Bitwarden or 1Password before the transition in August to enhance account security.
Microsoft is ending the autofill feature in its Authenticator App this month and will soon make saved passwords inaccessible in August 2025, urging users to switch to passkeys for enhanced security, as passwords are increasingly vulnerable to breaches.
Microsoft will end support for passwords in its Authenticator app starting August 2025, shifting towards a passwordless future with technologies like passkeys and Windows Hello, encouraging users to switch to dedicated password managers for storing and autofilling passwords.
Microsoft will phase out password support in its Authenticator app by August 2025, replacing passwords with more secure passkeys that use biometric data or PINs, enhancing security and reducing risks of hacking and identity theft.
Microsoft is ending support for saved passwords in its Authenticator app by August, urging users to switch to passkeys for enhanced security, as traditional passwords become obsolete due to increasing cyber threats.
Microsoft is transitioning away from traditional passwords in its Authenticator app by August 2025, encouraging users to adopt passkeys, which use biometric data or PINs for more secure and convenient account access, replacing vulnerable passwords and enhancing online security.
Microsoft is enforcing "number matching" as an additional step in its Authenticator app to enhance the security provided by Multi-Factor Authentication (MFA) for all users starting May 8, 2023. Users will need to enter the number provided into their Authenticator app when signing in. This is to combat MFA attacks such as phishing, brute forcing, and push bombing attacks. Microsoft highly recommends enabling number matching for improved sign-in security.
Google's updated Authenticator app adds Google account synchronization, but the sync process isn't end-to-end encrypted, potentially leaving the seed used to generate 2FA codes visible to Google when stored on its servers. Salesforce Community users are leaking private data due to misconfigured user permissions. A new Meltdown side-channel attack has been discovered that affects multiple generations of Intel CPUs and targets the EFLAGS register using a transient execution flaw to change context execution time.
Google plans to add end-to-end encryption (E2EE) to its Authenticator app in the future, after security researchers criticized the company for not including it with the app's account-syncing update. While the syncing feature makes it easier to sign into accounts on new devices, it poses some security concerns, as hackers who break into someone's Google account could potentially gain access to a trove of other accounts as a result. If the feature supported E2EE, hackers and other third parties, including Google, wouldn't be able to see this information.
Google Authenticator's new feature that enables the backup and syncing of 2FA codes across devices using a Google Account is not end-to-end encrypted, leaving the sensitive one-time passcodes potentially exposed to bad actors. Mysk security researchers found that the unencrypted traffic contains a "seed" that's used to generate the 2FA codes, and anyone with access to that seed can generate their own codes for the same accounts and break in to them. Google has advised users not to enable the Google account feature that syncs 2FA codes across devices and the cloud until end-to-end encryption is added.
Google Authenticator's new feature to backup 2FA data into the cloud and restore it onto other devices has been found to be unencrypted, making the seeds available to Google and anyone with a search warrant for the data. Researchers advise against using the new syncing feature until Google adds a passphrase feature to encrypt the upload before it leaves the device. Google has responded by admitting that it intentionally released the feature without end-to-end encryption but has plans to offer it down the line.
Google has updated its Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. The cloud sync feature is optional, meaning users can opt to use the Authenticator app without linking it to a Google account. The update finally brings it in line with Apple's iCloud Keychain and addresses a long-standing complaint that it's tied to the device on which it's installed, making it a hassle when switching between phones.