Update: T-Mobile reached out to Neowin and said in an email that the removal of Google Authenticator support is for a short period and it will be brought back shortly. Here"s what the email reads:
To make some updates we took the Google Authenticator down for a short period of time, but it will be back up shortly.
If the latest reports from T-Mobile users are to be believed, then your T-Mobile accounts are a bit less safe now, because, T-Mobile has removed support for the Google Authenticator security feature. This is pretty odd to see at a time when other network service providers are adding security features to safeguard user accounts and not removing them, like T-Mobile.
As spotted by multiple users on Reddit, T-Mobile users are upset after discovering that their accounts no longer support Google Authenticator. This has left T-Mobile customers with SMS messages as the only 2FA option to secure their accounts.
Two-factor authentication is a safety feature that adds a layer of security to your accounts, and users have to set up two different authentication methods to verify their accounts. So, if you want to make any changes to your T-Mobile account, you need to verify that the account belongs to you by entering a code.
Similar to TOTP (Time-based One-time Password Apps), Google Authenticator makes these codes locally, and a fresh code is generated every 30 seconds by default. This has proven to be one of the best 2FA methods to secure an account.
Another important thing to note is that the Google Authenticator app generates the codes even when offline. So, you will receive a code to log in to your account, even when you have put your device in Airplane Mode. This negates the need to be online every time you want to verify your account and also minimizes the chances of hackers getting access to your information.
Now that T-Mobile has removed Google Authenticator support, users have to rely on T-Mobile"s cellular connection, as SMS messages rely on it, and network drop is a common issue with T-Mobile networks. T-Mobile recently started offering a 5G backup plan for home plan users that can be used during internet outages.
2FA over SMS can be less secure because of the possibility of a SIM swap attack. During a SIM swap, a hacker can get control over your phone line and transfer it to another SIM card, allowing the hacker to get access to your SMS codes and control your T-Mobile accounts. T-Mobile has yet to address the topic.