Google yanks its token-eating iOS authentication app from App Store

A buggy update to Google Authenticator is breaking two-factor logins.
Written by Liam Tung, Contributing Writer

Google has removed its Authenticator app from Apple's App Store after reports that the freshly updated version wiped stored tokens tied to online accounts, preventing users from authenticating them.

Google updated the app on Tuesday to support Apple's iPhone 5 and Retina displays, but shortly after complaints surfaced on Hacker News revealing the update caused a user to lose access to accounts requiring passcodes generated by the app.

Google's Authenticator App for iOS allows people to use their iPhone in two-factor authentication logins. The app issues a rolling cycle of random six-digit one time passcodes, and through a token, can be tied to the login process for numerous online services, including DropBox, Amazon Web Services and, as of yesterday, GitHub. 

Amazon Web Services issued an alert shortly after advising customers not to install the update after customer reports indicated that it was inadvertently deleting all authentication tokens from the smartphone, which in turn would prevent them from authentication to the account.

Google is reportedly working on a fix, but in the meantime has withdrawn the app from the App Store. We've asked Google for comment, and we'll update the story is any is forthcoming.

Further reading

Editorial standards