Google Has Changed Its Data Security Settings
The latest update to Google Authenticator, version 5.20R4, removed the option introduced in May this year. Instead, it is about the slightly controversial “Click to reveal PIN” feature.
In late May, Google Authenticator presented the first update in a year, which hid two-factor authentication codes. This is a 6- or 8-digit one-time digital password that the user must provide in addition to the username and password to log in to Google or other services. With that update, you had to activate the "Click to reveal PIN" button to see the 2FA codes. Now, when you open the program, you immediately see all the two-factor authentication codes in the list.
The practicality of the May innovation was questionable. Presumably, Google tried to add another layer of security with the “Click to reveal PIN” feature. Surrounding strangers who are too close to you, for example, in a crowded subway, would not be able to see and steal your sensitive data. On the other hand, 2FA codes change every 30 seconds anyway, so it's unclear how effective this measure was.
There has been no official explanation from Google for removing the feature yet, but it will be interesting to hear what guided it. Over the past two years, Google Authenticator has not received many updates. Therefore, such jumps probably have a specific basis, which we do not always consider.
Have you caught the latest update to Google Authenticator yet? Does it make any sense? Please share with us your opinion about information security in the comment section.