Hacker News new | past | comments | ask | show | jobs | submit login

What does it mean that it 'loses all accounts'?

I use two factor auth but not this app, so I am not sure why people are going to have such a bad day...




You add your Google (and potentially other) accounts in the app - then you need to open the app to log in to your account.

The app is "forgetting" and no longer displaying the accounts you add, such that you open Authenticator and it's empty.

You can no longer log in to your Google account without one of the 10 printed one-time access codes you made when you first set it up.


> You can no longer log in to your Google account without one of the 10 printed one-time access codes you made when you first set it up.

* or a backup phone number that's been verified (i.e. send a verification code and confirmed).


Hm, the point of authenticator is to not use the phone, because phjone numbers may be more vulnerable. wasn't there a case of social hacking where the telco forwarded to hacker's phone?


That was a case of them circumventing the 2FA he had, they just granted access. Authenticator is a mobile phone app, how are you supposed not to use your phone with it?


You could set it up on a tablet.


Which are still quite a bit rarer than smartphones. Plus it makes your password way less portable.


I measnt not use the phone network, because the SMS could be diverted.


You get greeted by a "let's begin" screen, and all your accounts/credentials have magically gone away. This happened to me 5 minutes ago.

Edit: tweet with picture: https://twitter.com/jawj/status/375144792126410752


That seems awfully similar to what keeps happening with their G+ and Hangouts app: every few weeks, the apps think you never logged on the damn thing, and take you back through the whole process including a welcome tour!


So your account has not gone away, nor has it been deleted, nor has any magic happened; your account is still there safe and sound on Google's servers, it's just that the settings in this one mobile app have been wiped, correct?


Without the settings in your authenticator you're locked out of accounts that require a 2-factor token from it, unless you've got backup tokens printed out.


Correct. As long as you have a backup method of logging in (one time use password, phone # recovery, etc) you can get back in and register new 2FA.


Well, depends on where you're looking. The app's record of the account has gone away. Given that this is an authentication app, that's a rather serious problem.


Yes, but this is the mobile app that lets you log into your account on Google.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: