[yonixw]

Serious question

Why should I replace Google Authenticator? Since many concerns that are valid, such as (1) you don't own the data, (2) you might be banned any day and (3) your data might be used for ads, doesn't exist in this case?

[shaicoleman]

* Search

* Open source

* Encryption

* Biometric/password authentication

* Import/Export

* Backup/Sync

[Nextgrid]

It's down to trust. Google has a financial incentive to stalk people, has demonstrated that they are willing to use dark patterns to make people act against their own interest when it comes to privacy and their current data processing consent flow (supposedly for GDPR compliance) doesn't actually comply with it.

Let's say you were hiring for a security guard for a bank. You have 2 candidates.

One is a former bank robber, isn't particularly wealthy (so has an financial incentive to rob again) but totally claims he is trustworthy and will no longer rob banks.

The other has no bank-robbing history and happens to have other sources of income meaning they don't have a financial incentive to rob the bank.

Morals or laws around hiring former offenders aside, which one do you pick?

Sure, you can keep a close watch on the ex bank-robber to prevent future incidents just like you can decompile and reverse-engineer Google Authenticator's every update (and do so preemptively before installing said updates), or you can just go with an option that has no demonstrated history of being malicious and has little incentive to do so.