Snippet: Google’s Abandoned Android Authenticator App ☇

Terence Eden (via Stalyn Disla):

For two-and-a-half years, Google hasn’t touched their 2FA app’s code. Perhaps it is perfect? Perhaps there are no more UI improvements or security enhancements that can be done? Or, more likely, it joins a long graveyard of Android apps – launched optimistically and then abandoned.

I get it, not every product you release is a winner. And some have to be shuttered gracefully. But Google Authenticator is special. It is trusted to protect users’ accounts. Not just Google accounts – thousands of providers specifically recommend it.

Although I tend to focus on iOS and Apple as a whole on this site, it seems everyone recommends Google Authenticator and this kind of neglect is frustrating. On the Android side, it makes a lot of sense that recently-discovered malware would target this kind of application. Still, the general attitude seems to give me pause whether or not any Google product should be seen as a long-term viable solution.