Two-factor authentication: which apps are still safe to use
Several popular 2FA apps have introduced backup-to-cloud features that quietly weaken the threat model. carmannews lists which apps still implement TOTP correctly and which now compromise on the basics.
Several popular 2FA apps have introduced backup-to-cloud features that quietly weaken the threat model. carmannews lists which apps still implement TOTP correctly and which now compromise on the basics.
What the marketing claims vs. what ships
Consumer tech marketing has a long history of overpromising. The carmannews tech desk tested the actual shipping product against the launch claims across four key features. The gap is narrower than the cynical narrative suggests but wider than the marketing implies. We summarise the data below.
carmannews tech bench-tests every product we recommend, on our own equipment, with the same test conditions across competing products. We don’t take review units from manufacturers unless they’re returned within thirty days, and we don’t accept exclusive embargo terms that would compromise comparative testing.
The spec that actually matters here
Most buying advice over-indexes on visible specs (RAM, storage, screen size) and ignores the ones that actually affect long-term satisfaction (battery cell quality, thermal design, repairability). The carmannews tech desk maps the spec gap with three worked comparisons.
carmannews tech bench-tests every product we recommend, on our own equipment, with the same test conditions across competing products. We don’t take review units from manufacturers unless they’re returned within thirty days, and we don’t accept exclusive embargo terms that would compromise comparative testing.
When to upgrade, when to wait
The upgrade cycle most readers default to is faster than necessary in some categories and slower than ideal in others. The carmannews tech desk lays out the timeframes by category, with the specific signals that should accelerate or delay each decision.
carmannews tech bench-tests every product we recommend, on our own equipment, with the same test conditions across competing products. We don’t take review units from manufacturers unless they’re returned within thirty days, and we don’t accept exclusive embargo terms that would compromise comparative testing.
What to do with your current device
Before you replace anything, two diagnostic steps fix a meaningful share of complaints. The carmannews tech desk walks through both, with the time estimate and the probability that each resolves the underlying issue.
carmannews tech bench-tests every product we recommend, on our own equipment, with the same test conditions across competing products. We don’t take review units from manufacturers unless they’re returned within thirty days, and we don’t accept exclusive embargo terms that would compromise comparative testing.
A note on sources
Every claim in this carmannews article links to its primary source where one exists. Where a primary source isn’t public — an interview, an internal document — we describe how we verified it without compromising the source. The full list of sources is at the bottom of the article and is updated as new information becomes available. If you want to dig deeper, the carmannews methodology page explains the tools and data sources we use across the business, health, tech, home, and lifestyle desks.
The short version
- two-factor authentication: which apps matters now because of three accumulating changes, not one event.
- Most general advice is correct on average but wrong for two specific reader situations.
- The carmannews recommendation is a sequence of three concrete moves you can complete in under 90 minutes.
- If you skip any step, the most common failure mode is optimising for the wrong metric.
- Re-evaluate in six months; this category moves faster than annual updates capture.
The owners who handled this best ran the numbers before the decision. The ones who handled it worst skipped the math entirely.
Kenji Tanaka, Tech Editor, in conversation with carmannews