A recent update to the Google Authenticator app may be causing user’s one-time password credentials to be erased, potentially preventing them from accessing online services using two-step verification, according to several user reports in the Google Authenticator project group. Google Authenticator is an iOS app that allows users to store credentials for Google’s 2-Step Verification feature, and is also used for two-step verification with other third-party services such as Dropbox and Amazon Web Services (AWS).
Although several iOS 7 beta users had reported problems with losing credentials in the app, it wasn’t until a recent update, presumably intended to address the iOS 7 issue, that the app began exhibiting the same behaviour for iOS users upgrading to the new version, resulting in users possibly losing access to some of their online services, particularly in cases such as AWS, where alternative “backup codes” are not made available. Users relying on the Google Authenticator app should avoid installing this update. Note that Google Authenticator uses an open-source one-time password generation method, so alternative apps are available, many of which were discussed in the same thread as a result of problems using the app with the iOS 7 betas.
Update: Google Authenticator appears to have been removed from the App Store, suggesting that Google may have pulled it while it works to address the issue.
