The “Click to disclose PIN” feature was added in the Google Authenticator v5.20R4 release.
With the most recent version, Google Authenticator got rid of the “Click to disclose PIN” option.The v5.20 upgrade, which Google purportedly released in May, concealed the two-factor authentication (2FA) code until the user tapped to disclose it.Although the upgrade was meant to increase security, users did not favour it.This capability is being rolled back with the Google Authenticator v5.20R4 upgrade.To make it simple for customers to manage their account security credentials while switching to a different phone, Google updated its Authenticator app in 2020.On both iOS and Android, updates to the Google Authenticator app are infrequent.Security has been emphasised by Google as a “top priority” for them.
With the release of version 5.20R4, Google has disabled the “Click to disclose PIN” functionality from its Authenticator app.Recall that in May, the Google Authenticator v5.20 purportedly incorporated the “Click to reveal PIN” feature for increased security.To view the 2FA code, a new step was added by the functionality.The users’ complaints about the most recent update can be seen in their comments on Google Play, with many complaining that the app’s performance was delayed by the extra layer of protection.
Google updated its Authenticator app in May 2020 to make it easier for customers to manage their account security keys when using a different phone.Users could move their 2FA or 2-step-verification (2SV) codes from one phone to another using Google Authenticator v5.10 for Android.Up until now, switching to a new phone required repeating the entire 2SV code generation and verification process.
Google has made it clear that security is a “top priority” for them, as was already acknowledged.No data is sent to Google servers when the 2SV codes are transferred, according to the statement, and users are informed to let them know a transfer has occurred.However, in February 2020, there were allegations claiming that an Android malware known as “Cerberus” was capable of stealing the Google Authenticator codes.