Google has heard users’ concerns about the lack of end-to-end encryption and now confirms that they will add end-to-end encryption for synchronization with a Google account in a future version of Google Authenticator.
Here’s what Christiaan Brand from Google told BleepingComputer:
The security and safety of our users is paramount to everything we do at Google, and it’s a responsibility we take seriously. The recent update to the Google Authenticator app was done with that mission in mind and we took careful steps to ensure we were able to offer it to users in a way that protects their security and privacy, but is also useful and convenient… We encrypt data in transit, and at rest, across our products, including in Google Authenticator. End-to-End Encryption (E2EE) is a powerful feature that provides extra protections, but at the cost of enabling users to get locked out of their own data without recovery. To ensure that we’re offering a full set of options for users, we have also begun rolling out optional E2EE in some of our products, and we plan to offer E2EE for Google Authenticator in the future.
Google already uses E2E encryption in some of its services such as Google Chrome, which allows you to set a password to encrypt data that is synced with your Google account.