After 13 long years, Google is finally adding cloud sync to its Authenticator app. Previously, a user who lost their phone or moved to a new device would lose access to their authentication codes and to any service that uses them for login. This made the app a nightmare to use, which created significant friction for adoption.
Codes will now be synced to the user's Google account, so all a user has to do is log in on their new device and the codes are available. This is more in line with how Apple has been doing it with its Keychain solution. Password managers like 1Password have been doing this for years.
Christiaan Brand, Group Product Manager at Google, wrote in a blog post:
"While we’re pushing towards a passwordless future, authentication codes remain an important part of internet security today, so we've continued to make optimizations to the Google Authenticator app."
The downside to syncing 2FA codes in this way is that if a malicious actor were to gain access to your Google account, they would be able to get hold of all the 2FA codes you have set up in the Authenticator app. This is likely the reason Google has made the feature optional; you don't have to sync your codes in this way if you don't want to.
To make use of the new features, just update the app and follow the prompts.