[SOLVED] Do not upgrade Google Authenticator (iPhone), you will lose keys!

[picobit]

Google just released a new version of Google Authenticator for the iPhone.  DO NOT UPGRADE, all your keys will be lost, and you will be locked out of all your exchanges etc.


Moderators: Please cross-post this to Important Announcements, it will hit a lot of Bitcoin users!


EDIT: See also http://www.reddit.com/r/Bitcoin/comments/1lp17r/i_just_updated_the_iphone_google_authenticator/


EDIT 2:  A newer version has been released by Google, solving the problem.  It turns out the keys were not lost, just hidden, so the new version actually restores them!

[1715021403]

1715021403

[1715021403]

1715021403

[1715021403]

1715021403

[1715021403]

1715021403

[cryptocoinsnews]

www.cryptocoinsnews.com/2013/09/04/warning-do-not-upgrade-google-authenticator-iphone-you-will-loose-your-keys/

[TsuyokuNaritai]

+1. This is very real, and will cause huge amounts of trouble to bitcoiners. Shout it from the rooftops.

There are many people reporting it on online. Bitfunder has also added it to their webpage: "Error: Google has updated their authenticator app. DO NO UPGRADE THE APP. Many users have reported that the upgrade has erased their stored codes needed to login. If you wish to update you will need to disable 2-factor on your account first so you can re-activate it after the app update."

If you're reading this thread in the next couple of days, please bump it if it hasn't been in the last hour or so.

[001sonkit]

i have had the same experience. Switched to Authy.

Fool me once, shame on you.

[picobit]

How to recover:


I recovered from this mistake.  This should work on both jailbroken and unmodified iPhones, and will not loose your jailbreak if done correctly (point 5):

1) Swear at Google (OK, most of you have probably already done that)

2) Delete the Google Authenticator app from your Phone.

3) If iTunes sync automatically with your phone, you probably want to turn that off first.  Also, if you sync over WiFi it may already be too late - I really do not know.

4) Connect your phone to iTunes.  Enable the panel on the left.  It shows "LIBRARY", "STORE", "SHARED" etc and also the name of the phone.  On newer iTunes it is disabled by default, choose View / Show Sidebar.

5) Right-click on your iPhone, choose "Restore from Backup".  DO NOT use the normal restore button on the main window, as that will also restore the firmware and wipe and restore everythin (it will take ages resyncing, and any jailbreak will be gone).

6) After restoring, iTunes will resync your phone and reinstall Google Authenticator.  If you did not sync or backup since upgrading the app, the old version INCLUDING KEYS will be back.

7) If jailbroken, install Update Hider and hide the update to GA (I have not done this yet myself, but it should work).

[Gaff]

Hmm - if it's possible to recover from that, that means someone else has your keys. Isn't that a security risk?

[m_yaw]

It's the encrypted backup of your phone either on your machine or on iCloud

[Gaff]

It's the encrypted backup of your phone either on your machine or on iCloud

Cool - but what if someone manages to steal your password? Is it protected with two factor authentication? 

[twobitlolz]

Cool - but what if someone manages to steal your password? Is it protected with two factor authentication? 

hopefully it's protected by Apple not allowing your phone's keys to load while connected to a computer. of course, Apple would never put its customers at risk

[picobit]

Hmm - if it's possible to recover from that, that means someone else has your keys. Isn't that a security risk?

I think the keys remain in the keychain on the phone.  I do not use an encrypted backup of my iPhone (perhaps I should), and as I understand it that means that restoring on a different device means that the GA keys are lost.  But restoring on the same device works well.  It looks like the keys are backed up but with some hardware key encrypting them.  I would like to know the details!

[elor70]

I dont use it anyway but thanks

[freedomno1]

Bump don't use it but this would suck if it happened to you.

[minimalB]

The v2 GA app is not available in iTunes anymore.

Another recovery solution: if you have backed up v1 version of GA, you can install it over the new one using iFunBox. Looks like the tokens (keys) do stay inside the GA v2 app.

I just did that (installed Google Authenticator v1.1.4.757 over new v2 using iFunBox) and i got all the keys back.

Hope it helps...

[zy02264]

Oops, just did...

I hate the red "1" sign on the top right, so I always upgrade everything as soon as it's available.

Just successfully recovered the old version in iTunes. Here is how I did it:

First of first, go to iTunes ASAP, locate your most updated iPhone backup and make a copy before you try any recover trick.

1. delete the new version of authenticator on your iPhone
2. disable auto sync in iTunes
3. Connect your iPhone via USB
4. Click your iPhone, then go to "application" tab
5. On the left side, scroll down, you gonna see the old version of authenticator, install it.

So close...

[p2pbucks]

thanks for sharing!

[BitAddict]

Any way to install old version from icloud?

[picobit]

Any way to install old version from icloud?

If you have not sync'ed to icloud since upgrading, you can probably delete the app, and then restore from icloud. 

[BitAddict]

Any way to install old version from icloud?

If you have not sync'ed to icloud since upgrading, you can probably delete the app, and then restore from icloud. 

It worked, thanks a lot!! 

Phew, I have feeling really f****

[simonk83]

Any way to install old version from icloud?

If you have not sync'ed to icloud since upgrading, you can probably delete the app, and then restore from icloud.  

Yep, worked for me.  Phew.

[maverick1337]

Oops, just did...

I hate the red "1" sign on the top right, so I always upgrade everything as soon as it's available.

Just successfully recovered the old version in iTunes. Here is how I did it:

First of first, go to iTunes ASAP, locate your most updated iPhone backup and make a copy before you try any recover trick.

1. delete the new version of authenticator on your iPhone
2. disable auto sync in iTunes
3. Connect your iPhone via USB
4. Click your iPhone, then go to "application" tab
5. On the left side, scroll down, you gonna see the old version of authenticator, install it.

So close...

Did that and still didn't work. When I deleted the new GA app (or when you delete any app) it asks if you want to delete all the data that comes with it. In order to delete any app you have to say yes, is that why it probably didn't work? I know I've backed up my iPhone within the last few months so it doesn't make sense to me why it's not there.