| ▲ | jgilias 5 days ago | |
Authy has solved this though. The cloud sync is opt-in, and encrypted with a password. This makes it immensely more involved to compromise. | ||
| ▲ | wcoenen 5 days ago | parent [-] | |
Ironically, Authy's cloud sync feature may have been what pressured Google to add cloud sync[1]. And yes, Google could have added an extra encryption password. But users forget/lose passwords, especially if they normally never need them. So I can see why Google didn't go that route. [1] https://www.reddit.com/r/2fa/comments/pmow4k/switching_from_... | ||