Two-factor authentication (2FA) is one of the best and easiest ways to keep your online accounts secure. It works by issuing an authentication code on your phone when somebody tries to access the account; if that person doesn’t have the code, they (or you) don’t get in. By using a 2FA app, such as Google Authenticator or Authy, you can prevent somebody from accessing your data by getting your password. (You can have a code texted to you, but that is considered far less secure due to the rise of so-called SIM hacking.)
There is, of course, a catch. Because 2FA uses a key specific to your phone, if you lose or break your phone, you can’t simply reinstall the app on your new phone and go on from there. You need to transfer the key code for that phone as well as the app itself.
Different authentication apps handle this in different ways. In this article, I’m going to look at Google Authenticator, including the easiest way to transfer the app to a new phone if you do have access to the old one, and how you can prepare for a possible problem (like a broken phone).
Google Authenticator lets you establish 2FA by using your phone to scan a QR code generated by the app on a separate device or by entering a key code. It’s a relatively easy process — unless you find you have to move the app to a new phone.
Because 2FA uses security keys that are specific to each piece of hardware, you can’t simply reinstall Google Authenticator on your new phone and use it to log in. Instead, you have to transfer the keys to your new app.
The easiest method, especially if you use 2FA with several apps, is to use the Authenticator app’s dedicated transfer feature to move your keys from one phone to the other. However, there are two assumptions here: first, that you have access to both the old and new phone, and second, that you have Android devices. If either of these assumptions doesn’t work for your situation, there are other methods you can use, which we’ll cover next. But first, the easy method.
Transfer your Authenticator keys via Android
If you’ve got two Android phones, you can transfer your accounts to a new phone by exporting them via a QR code generated by the Authenticator app.
- Install Google Authenticator on your new phone.
- Tap “Get started.”
- Tap “Scan a QR code.” You’ll get a grid and instructions to “Place QR code within red lines.”
- Open Google Authenticator on your older phone.
- Tap on the three dots on the top right of the screen and select “Transfer accounts”
- Select “Export accounts.” You may be asked to verify your identity via a fingerprint, password, or another method.
- Uncheck which accounts you don’t want to export. Tap “Next.”
- You’ll be shown a QR code. Center it in the grid in your new phone.
- You should see the imported app now listed in your Google Authenticator app in the new phone. (Note: the app will not be deleted from your old phone.)
Alternative method #1: Use your backup codes
When you first set up Google Authenticator, you may be given a set of backup codes and asked to print them out or otherwise save them. And you definitely do want to save them; print them out and put them somewhere safe or create a PDF and save it where nobody else can access it. If your phone goes south, these codes will be a good way to reestablish authentication on your new phone — assuming, of course, you haven’t misplaced the codes.
This is also the way to reestablish your keys on a new iPhone.
If you missed that step during the installation, you can get those backup codes anyway. For that, you have to go into your Google account and then follow these steps:
- Click on “Security” in the left-hand column.
- Scroll down to and select “2-Step Verification.” You’ll probably have to enter your password.
- Scroll down to “Backup Codes” and click on “Show Codes.”
- You’ll get a list of 10 codes. Each code can be used once; if you use them all, you can get more by clicking on “Show Codes” and then on “Get New Codes.”
Alternative method #2: Take a screenshot of the barcode
One way to create a backup in case you lose your phone is to take and save a screenshot of the barcode that is created for each 2FA-secured app. If you’ve mislaid your backup codes, but you’ve saved a screenshot of the QR barcode that you originally used to create your app’s authentication, you can use that screenshot to establish your credentials on a new phone.
Just throw the screenshot up on your computer, install Google Authenticator on your new phone, and use the plus sign on the app to scan the barcode. (You can also enter the setup key code if that’s what you saved.) Do this for each of your apps, and you’ll be all set.
Update October 12th, 2021, 11:20AM ET: This article was originally published on September 2nd, 2020; the directions for transferring between Android phones have been updated.
FAQs
When you set up Google Authenticator two-factor authentication (2FA) in your account, you're prompted to download a backup key. This code lets you restore access to your account in case you change or lose your phone, or accidentally delete the Google Authenticator app.
How do I get my 2FA back on Google Authenticator? ›
Recover an account
- Sign in to your Google Admin console. ...
- In the Admin console, go to Menu Directory. ...
- Click the user you want in the list. ...
- Click Security.
- Click 2-step verification. ...
- Click Get Backup Verification Codes.
- Copy one of the verification codes.
- Send the backup code to the user in an IM or text message.
When you set up Google Authenticator two-factor authentication (2FA) in your account, you're prompted to download a backup key. This code lets you restore access to your account in case you change or lose your phone, or accidentally delete the Google Authenticator app.
How do I recover my Google 2FA from my lost phone? ›
If your lost phone has Google Authenticator on it, you need to secure your accounts connected to the app by logging in with an alternate method, and resetting the 2FA settings. You should also erase your phone remotely if possible. You can then add Google Authenticator to a new phone and re-link it to your accounts.
What happens to 2 step verification if I lost my phone? ›
If you've lost access to your primary phone, you can verify it's you with: Another phone signed in to your Google Account. Another phone number you've added in the 2-Step Verification section of your Google Account. A backup code you previously saved.
How do I restore my Microsoft authenticator to a new phone without old phone? ›
What if you don't have access to Microsoft Authenticator on your old phone? If you no longer have your old phone, it was stolen, lost or damaged, you'll need to contact Microsoft Support. The virtual agent will ask if the answers are helpful or not, click “No” to then have the option to talk to a person for help.
Can you bypass 2 step verification? ›
One of the easiest and, therefore, most common ways to bypass two-factor authentication is by simply utilizing the password reset function of websites and applications.
How can I access my Gmail account without 2 step verification? ›
Turn off 2-Step Verification
- Open your Google Account.
- In the "Security" section, select 2-Step Verification. You might need to sign in.
- Select Turn off.
- A pop-up window will appear to confirm that you want to turn off 2-Step Verification. Select Turn off.
When the QR code or manual code has processed, Google Authenticator will generate a six-digit verification code and display it. a. Type the six-digit code you see in the app into the ACF website below the QR code.
Is Google Authenticator linked to Google Account? ›
We are excited to announce an update to Google Authenticator, across both iOS and Android, which adds the ability to safely backup your one-time codes (also known as one-time passwords or OTPs) to your Google Account. Across all of your online accounts, signing in is the front door to your personal information.
The token provides an authenticator, which is a six digit number users must enter as the second factor of authentication. You need to install the Google Authenticator app on your smart phone or tablet devices. It generates a six-digit number, which changes every 30 seconds.
Can I transfer Authenticator to new phone? ›
Sign in using the Google Account whose codes you want to transfer. Scroll down the 2 Step Verification Page, then click on Change Phone on the Authenticator App Tab. Select the OS version of your device, either Android or iPhone. Click on Next.
How do I reset my Authenticator app? ›
Once logged in as the user, click Settings > Security > User Manager and click the user account that you are currently logged in as. Click the Multi-Factor Authentication tab, then select one of these options: Generate a new QR code: Click the Reset button for the Google Authenticator app.
How to recover your account after two step verification fails? ›
If Two-Step Verification fails and you can't access your account, you can try to recover your account . To regain access to your account, you'll need to verify your identity by providing a scan or photo of a government-issued identity document.
How do I transfer my 2 step verification to a new iPhone? ›
If you don't already have Google Authenticator on your old iPhone, install it from the App Store. Then go to your Google account online, sign in, and click on Security to start setting up 2-step Verification. Once that has been done, you can move to a new phone.
What happens if you lose your phone with Microsoft Authenticator? ›
Using the Microsoft Authenticator app should be easy once you set it up. If you lose your phone with the authenticator, getting access to your accounts should not be a problem. Simply log into your non-Microsoft accounts and enter one of the codes you saved from the authenticator when prompted.
What is better than 2 step verification? ›
Multi-Factor Authentication: A Step Beyond
First: All other things being equal, MFA is always more secure than 2FA.
Why 2 step verification is not safe? ›
2FA can be vulnerable to several attacks from hackers because a user can accidentally approve access to a request issued by a hacker without acknowledging it. This is because the user may not receive push notifications by the app notifying them of what is being approved.
Can you turn off two step verification Microsoft? ›
To turn two-step verification on or off: Go to Security settings and sign in with your Microsoft account. Under the Two-step verification section, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
How do I verify my Google Account with two step verification? ›
Turn on 2-Step Verification
- Open your Google Account.
- In the navigation panel, select Security.
- Under “Signing in to Google,” select 2-Step Verification. Get started.
- Follow the on-screen steps.
Google Authenticator is a mobile security application based on two-factor authentication (2FA) that helps to verify user identities before granting them access to websites and services. Two-factor authentication makes it less likely that an intruder can masquerade as an authorized user.
Is Google Authenticator stored in the cloud? ›
On Monday, that situation finally changed when Google updated Authenticator with support for cloud-synced backups. As of version 6.0 on Android and version 4.0 on iOS, you now have the option to back up your 2FA seeds (the information that codes are generated from) to a Google account.
What is the downside of using Google Authenticator? ›
Another drawback of Google Authenticator that a reader pointed out is no passcode or biometric lock on the app. And this ease of access to the app seems to allow malware to steal 2FA codes directly from Google Authenticator, giving you yet another good reason to dump the app.
How do I get my QR code for Authenticator app again? ›
1 answer
- Go to Security & Privacy page > choose Additional security verification > Update my phone numbers used for account security.
- After that it will open a new window. ...
- Choose Set up Authenticator app and it will open a pop-up box with QR code so that you can configure the app on your new device.
If you accidentally uninstall the Authenticator app from your smartphone you will need to re-install it and then run through the setup below. One you have scanned the QR code continue with the setup on the laptop.
How do I reset my 2FA Authenticator? ›
How to reset two-factor authentication (2FA)
- Enter your email address and password.
- Follow the on-screen instructions. You will receive an email with a reset code. When you get the code, click the next arrow. ...
- Enter the code from the email, and proceed to log in once your code has been validated.
Generating a new set of recovery codes
- In the upper-right corner of any page, click your profile photo, then click Settings.
- In the "Access" section of the sidebar, click Password and authentication.
- Next to "Recovery codes," click View.
- Under "Generate new recovery codes", click Generate new recovery codes.
A Recovery code (or Backup code) is a unique code that is usually provided by services or sites once 2FA (Two-Factor Authentication) is enabled on an account.
How do I get 16 digit backup key for 2FA Google Authenticator? ›
While activating 2FA on your STEX account, you get a 16 digit key that you must save. As shown below. To restore the 2FA in your authenticator app: Open your Authenticator app add a new account, change the name to STEX and enter the 16 digit key that you have already saved while you activated 2FA on your account.
Where are 2FA backup codes stored? ›
The very best place to store your 2FA recovery codes is on a piece of paper you keep hidden in your home. At the bare minimum, this is what most people should be doing. This hiding spot could be a safe, a book, under the mattress, or wherever you consider a safe spot in your home.
Resetting Google Authenticator
- Navigate to “My Account” -> “Security + Passwords” In the “Cell Phone” section click on “Edit” to reveal your QR code.
- Scan the QR Code into Google Authenticator. If you're using Google Authenticator: ...
- Use the Google Authenticator App to Log In.
