Google Authenticator removes ‘Click to reveal PIN’ feature

By Arya M Nair, Official Reporter
  • Follow author on
Representational Image

Google Authenticator has removed the ‘Click to reveal PIN’ feature with the latest update.

Google had reportedly rolled out the v5.20 update in May, that hid the two-factor authentication (2FA) code until the user tapped to reveal it.

The update was intended to add extra security, but was not received well by the users. The Google Authenticator v5.20R4 update is back-tracking this feature. In 2020, Google also released an update for its Authenticator app to allow users to manage their account security keys easily while switching to a different phone. So far, when migrated to a new phone, the user had to repeat the entire process of verifying and generating 2SV codes.

Google Authenticator is a software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm and HMAC-based One-time Password algorithm, for authenticating users of software applications.

Google has emphasized that security is a “high priority” for them. It said that no data is sent to Google servers while the 2SV codes are transferred and that users are alerted to make them know that a transfer has taken place. However, in February 2020 there were reports saying that the Google Authenticator codes can allegedly be stolen by an Android Malware called “Cerberus”.

Meanwhile, Google has updated Authenticator’s Play Store release notes to say that it “added device encryption to the storage of secret values.” There are no other changes to the app and this latest version of Google Authenticator was widely rolled out earlier this week.

Related: Google Gboard testing split keyboard option for foldable phones