The two-factor authentication offered by Google Authenticator works great, except for when it doesn’t.
The premise of the Google Authenticator app is pretty simple: Once you connect it to your online services, the app generates a random numeric code that you need to use along with your password when you’re signing into your digital accounts. If the code isn’t used in a short time frame, it self-destructs and becomes invalid. Boom! It’s two-factor authentication at its finest.
Well, at least it is when it works.
On Tuesday, Google released an update for the iOS version of Authenticator and rather than providing the tweaks and improvements you’d expect to find in a patch, it completely wiped all of the stored data and connected account information saved in-app by users, forcing people to resync all of their accounts from scratch. Users who relied to Authenticator to access the (superb) Dashlane password manager were locked out of their accounts completely, according to TechCrunch, barring those users from accessing any of their online services unless they contacted Dashlane’s customer service team.
Oops. Big oops.
While it won’t cure the headaches of users who have already had their data wiped, Google has yanked the borked Authenticator from the App Store and is working furiously on an updated update, The Next Web reports–one that doesn’t blow away your app tokens and stored data.
Look for that update to hit the App Store soon, but once it does, you might want to wait a day or two before downloading it, just to be safe.