
Android malware can steal Google Authenticator 2FA codes - laktak
https://www.zdnet.com/article/android-malware-can-steal-google-authenticator-2fa-codes/
======
notlukesky
These type of attacks on Authenticator codes generators that don’t have a PIN
protection and other measures to mitigate against these type of attacks will
be on the increase. I use SAASPASS Authenticator for my personal services and
it has measures against this type of attacks.

From SAASPASS website on the SAASPASS Authenticator versus Google
Authenticator:

SAASPASS encrypts all data, whereas Google Authenticator stores keys in
plain/clear text; this is a problem especially with rooted devices and backup
programs, where unencrypted data can be viewed easily

[https://saaspass.com/authenticator/](https://saaspass.com/authenticator/)

Full disclosure: We resell and integrate SAASPASS IAM to enterprises.

