This would mean that google intends to make it fundamentally impossible to backup an android phone, complete with app settings.
Why, I'm unsure, but I figure it part of the increasing lock-in and removal of openness in Android that Google has been trending toward for a few years now.
> fundamentally impossible to backup an android phone
... to anything other than Google services, I'd wager.
It's been tough backing up Android phones as-is. I have yet to figure out a way to get codes out of the Google Authenticator app other than via sqlite on a rooted phone.
It can definitely be annoying when you have many codes already stored in it, but the long term solution is: don't use Google Authenticator. There are better alternatives such as andOTP / FreeOTP, Authy, or password managers such as 1Password or Bitwarden (paid version) can handle TOTP codes too.
I have switched Android phones about 10 times and I have never successfully used the Google-made backup. Here's why, I think:
Old phone is on Android N. Backups happening regularly by their service. Phone breaks or I get a new phone. New phone is running Android N-1. In the setup process it tries to use the backup and it fails, of course, because it's from a newer version of Android. Every. Single. Time. What I should have done, and I ALWAYS FORGET: do not login to your account until you have fully updated the phone to the latest Android version!
Google disabled backups for their Authenticator app so I don't think they will ever let you export the secrets.
I wrote an application to automate OTP secret extraction for just about every app out there after trying to migrate a few dozen tokens from Google Authenticator to AndOTP. You might find it useful: https://github.com/puddly/android-otp-extractor
I really hoped Google would have allowed some way to locally make full Android backups by now but I guess that's not compatible with their business model.
That part may be by security design. The purpose of "something you have" is that it is something that can't be trivially copied.
My workaround is to record the codes offline before entering them in Authenticator (essentially printing them out and putting in my fire safe). This also allows me to easily put them into other devices (such as upgrading phones, or on a Yubikey).
It can not be trivially copied because it's on my pocket. One can improve on this, and compose with a necessary password, that I know, and erasing the data after too many wrong guesses.
How does making it hard for me to get my data from my phone improve on my security?
I'm not sure about Authenticator+ as I haven't used it, but I did use Authy. I ran into nearly the same issue when I wanted to migrate to Bitwarden - it was difficult to extract my TOTP secrets. I ended up having to write some Javascript code that would extract them for me.
Do use an encrypted cloud sync but make sure that it doesn't create a similar problem.
In this case, Authenticator+'s cloud sync is just an encrypted sqlite DB (with dirt-simple schema) that gets uploaded to Google Drive (I believe there are also other options for upload target). So it's pretty trivial to migrate to other services.
Why would that be impossible? You’ve been able to do that since the first iPhone was introduced in 2007 with iTunes. You’ve been able to do iCloud wireless backups since 2011.
They need to step up their backup game. It's the only thing I truly miss about switching to android. With iOS you could always restore your device to what it was before. But with android, even with the Google backup service there are so many gaps left. Homescreen icons organisation, app settings, even android settings themselves or not always properly saved or restored.
The hard part with Android, especially in regards to icons organization, is that this is entirely Launcher dependent, so it would more be the job of your launcher's developers to allow those data to be properly backed up.
I've been only using stock android phones, first nexus now Nokia, no custom launcher or anything. If even the Android core developers don't do it right what can you expect from 3rd party?
Indeed, this is a huge pain. ADB is, as far as I know, the only generic backup method that does not require root. The fact that it doesn't work with a lot of apps is highly frustrating.
That statement makes literally no sense. ADB still works just fine, so either you meant "and that is why I will be rooting my phones in the future", or this is absolutely not why you root your phones.
I think it's fairly obvious the poster meant that as in that kind of behavior, that takes power away from the user as opposed to exactly that particular reason.
ADB is also much less flexible. I have Titanium Backup making nightly backups, and then FolderSync automatically pushes them to a SFTP server I run. If something should happen to my phone, I'll lose one day of data. This is all automatic, so I don't have to think about it.
A backup like ADB that requires manual intervention is likely to be only done irregularly, and Murphy says that you'll lose your phone just after forgetting to make a backup for weeks.
Being able to do this is the only reason I bother to root my Android.
I would personaly much rather they fix backup and restore rather than removing the feature. I do not understand why an application can opt-out from an encrypted backup. The lack of good backup/restore for Android sucks.
Why, I'm unsure, but I figure it part of the increasing lock-in and removal of openness in Android that Google has been trending toward for a few years now.