SECURITY – Google Authenticator Review

Puzzled as to why Google devs decided Google Auth did not require a form of prior authorization to gain access. iOS devices are locked with a passcode/biometrics. However, a temporarily unlocked device still leaves the RSA tokencodes out in the open. I cannot use Google Auth until this is implemented. Please remember, redundancy is key to security. Anything worth securing with RSA keys should be concerned about protecting those codes as well. Thanks!
Review by Jamie Reese on Google Authenticator.