What If I Lose My Yubikey or Google Authenticator? - Axiad (2024)


2FA (two-factor authentication) is a great way to protect accounts. If you’re trying to secure your business, you might be considering the use of a physical protection key (such as the Yubikey drive) or apps like Google Authenticator for your employees.

But that does introduce a question. What happens if an employee loses their Yubikey?

Today, quite a few banks and other apps are using solutions like Yubikey or Google Authenticator, and many businesses are requiring them for their employees, too. Most accounts today need an email address or text message for two-factor authentication. But the question becomes, what happens when your employee loses access to that second factor?

It differs depending on the device.

What If I Lose My Yubikey?

If you lose your Yubikey, you can still use your phone authenticator app, but you cannot create a backup Yubikey. However, Yubikey also provides methods to recover your account, so you can get a replacement.

An advantage to Yubikey is that it comes on a USB that cannot be identified. So, if anyone finds your employee’s Yubikey, they won’t know what machine it goes to. On the other hand, there are some weaknesses to Yubikey if your business’ IT team hasn’t configured it correctly.

When you first adopt Yubikeys, the IT team can choose how – and if – employees can recover it. Some of the methods of recovery may be more vulnerable than others. Think carefully regarding whether you want to keep those options open or whether you want to close them. This goes doubly for IT departments first looking to adopt Yubikey – how much ease of recovery will you tolerate in exchange for less security? The greater the security, the better, but expecting humans to never make a mistake or lose something may be unrealistic.

In short, your employees can almost always recover a Yubikey. But the methods that they can use to recover your Yubikey may vary depending on your configuration. And some of those methods could open your business up to security vulnerabilities.

What Happens If I Lose My Google Authenticator Device?

Your employees can choose a new Google Authenticator device using the backup codes they’ve been given. For most people, your Google Authenticator device is going to be your phone. Google knows that people lose phones all the time. So, if you lose your Google Authenticator device, you will still be able to recover your Authenticator account.

There are multiple methods that an employee can choose to authenticate their account. You can authenticate by text or by email. Of course, this again does present a vulnerability. For instance, if someone spoofs your number, they might be able to gain access to your authenticator account.

Number spoofing is one of the major challenges when it comes to 2FA based on mobile phones. At the same time, most attackers aren’t advanced or determined enough to spoof a number for the average employee – this is more likely to happen with high-value targets such as business executives or those who are in control of major intellectual property.

Like Yubikey, there are few ways to entirely lose your Google authentication. As long as you’re able to go through the recovery process, you should be able to use the authenticator. If you can’t find a way to get into the authenticator, you can usually reset your account.

There are many accounts that customer service representatives can override. If you call in, they’ll be able to go over your identifying information with you, ensure that it’s you, and give you a new login and password.

At the same time, this again shows a weakness in the system; it’s always possible that someone could social-engineer their way into accessing your account. But in so doing, they will leave far more of a trail than if they could just access it directly.

Two-Factor Authentication: What If I Lose My Phone?

Many people are concerned about losing their phone. There are two general systems when it comes to two-factor authentication through a phone: app-based and phone number-based.

Some two-factor systems will send you a text message through your phone that you can reply to. In other words, your authentication doesn’t live on the phone, it lives on the phone number. If you lose your phone, your new phone and new number will still receive these authentication texts.

So, there’s nothing you need to do about losing your phone except replace it.

Now, if you authenticate through an app, usually it’s tied to the device in some way. You will need to reaffirm your account and prove that you’re you. Usually this, also, is through a text message or email address.

One of the critical potential issues with many 2FA and MFA systems is that they ultimately come down to a phone number or email address: even if the system requires a physical dongle like Yubikey or another method of connection, you can usually reset it through that phone number or email address.

But that’s not always true. You can also choose greater levels of security for your business system; just know that it may become a more complicated situation should your employees actually lose their device or their authentication.
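The point about reset paths can be checked mechanically. The following added example (not from the original article or from Axiad) audits constructed account policies and reports every second factor or recovery method that is weaker than the strongest factor enrolled; the method names, the `STRENGTH` ranking and the policy layout are illustrative assumptions, not a standard.

```python
# Added example. The ranking is an illustrative assumption, not a standard:
# a higher number means the method is harder to take over remotely.
STRENGTH = {
    "sms": 1,            # depends on control of a phone number
    "helpdesk_call": 1,  # depends on a support agent's identity check
    "email": 2,          # only as strong as the mailbox login
    "totp_app": 3,       # code generated on an enrolled device
    "backup_codes": 3,   # single-use codes issued at enrolment
    "hardware_key": 4,   # secret cannot be read off the device
}


def audit(policy):
    """Compare the strongest enrolled factor with the weakest way in."""
    advertised = max(STRENGTH[m] for m in policy["second_factors"])
    # Any alternative second factor and any recovery method is a path
    # into the account, so the weakest of them sets the real strength.
    paths = [("second factor", m) for m in policy["second_factors"]]
    paths += [("recovery", m) for m in policy["recovery"]]
    effective = min(STRENGTH[m] for _, m in paths)
    downgrades = sorted(
        f"{kind}:{m}" for kind, m in paths if STRENGTH[m] < advertised
    )
    return {"advertised": advertised, "effective": effective,
            "downgrades": downgrades}


# Constructed sample policies (hypothetical group names).
POLICIES = {
    # Hardware key issued, but an app, SMS and email can stand in for it.
    "staff_default": {"second_factors": ["hardware_key", "totp_app"],
                      "recovery": ["sms", "email"]},
    # Recovery only through a second, pre-registered hardware key.
    "executives": {"second_factors": ["hardware_key"],
                   "recovery": ["hardware_key"]},
}

if __name__ == "__main__":
    for name, policy in POLICIES.items():
        result = audit(policy)
        status = "DOWNGRADE" if result["downgrades"] else "OK"
        print(f"{name}: {status} advertised={result['advertised']} "
              f"effective={result['effective']} {result['downgrades']}")
```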

The Advantages of 2FA and MFA

Two-factor authentication and multi-factor authentication just make sense. They’re the best ways to secure a system. But there can be some problems if you lose one of the factors that you’re using to log in.

Before you start deploying 2FA or MFA across your business, make sure you and your workforce know what the procedures are if they lose their device. This will ensure that you can head off any issues in the future.

There are some systems (notably some cryptocurrency systems) in which you simply cannot get your key back if you’ve lost all your data. Because of this, you should always be cautious when setting up accounts.

If you’re trying to safeguard a very important account, you may just need to have very rigorous standards. Something like a Yubikey can be valuable because it gives your employees a physical, separate device that you need apart from your phone.

Do you have questions about 2FA or MFA? Talk to the experts. Request a demo today to find out more information about authentication devices, credential services, and what 2FA and MFA can do for your business.

FAQs

What happens if you lose access to Google Authenticator?

If your lost phone has Google Authenticator on it, you need to secure your accounts connected to the app by logging in with an alternate method, and resetting the 2FA settings. You should also erase your phone remotely if possible. You can then add Google Authenticator to a new phone and re-link it to your accounts.

How do I recover my lost Google Authenticator key?

  1. Sign in to your Google Account with your password and your other second step.
  2. Follow the steps to remove the lost key from your account.
  3. Get a new security key. You may want to get an extra key you can keep in a safe place.
  4. Add the new key to your account.

What happens if you lose your USB security key?

What happens if I lose my security key? If you lose your security key you may be unable to log into any accounts that require it. This is why we recommend registering two keys, a primary and a backup. Some services may also require another backup method, like an app, text message, or email authentication.

How do I regain access to my Authenticator?

To recover your information
  1. On your mobile device, open the Authenticator app, and select Begin recovery.
  2. Sign in to your recovery account using the personal Microsoft account you used during the backup process. Your account credentials are recovered to the new device.

Is Google Authenticator backed up?

Google, as well as some of the other websites where you can protect your user account with two-step authentication, provides backup codes. These are the one-use codes that allow you to log in to your account if you lose access to your OTP token. After you use a backup code once, it's gone for good.
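How a service can enforce the "gone for good" property is sketched below as an added example; it is not Google's implementation and not part of the original page. The class and function names, the 8-digit code format and the PBKDF2 parameters are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets


def generate_codes(count=10):
    """Return `count` distinct random 8-digit codes, shown to the user once."""
    codes = set()
    while len(codes) < count:
        codes.add(f"{secrets.randbelow(10**8):08d}")
    return sorted(codes)


class BackupCodes:
    """Server-side record of one user's unused backup codes (hashes only)."""

    def __init__(self, codes):
        self.salt = secrets.token_bytes(16)           # per-user salt
        self.unused = {self._digest(c) for c in codes}

    def _digest(self, code):
        # Users often type codes with spaces or dashes; normalise first.
        normalized = code.replace(" ", "").replace("-", "")
        return hashlib.pbkdf2_hmac(
            "sha256", normalized.encode(), self.salt, 100_000)

    def redeem(self, code):
        """Accept a code at most once. Returns True only on first use."""
        candidate = self._digest(code)
        match = None
        for stored in self.unused:
            # Constant-time comparison of the two digests.
            if hmac.compare_digest(stored, candidate):
                match = stored
        if match is None:
            return False
        # In a real service this removal must happen in the same
        # transaction as the login decision, or two parallel requests
        # could both spend the same code.
        self.unused.remove(match)
        return True

    def remaining(self):
        return len(self.unused)


if __name__ == "__main__":
    issued = generate_codes()
    store = BackupCodes(issued)
    print("first use:", store.redeem(issued[0]))
    print("second use:", store.redeem(issued[0]))
    print("codes left:", store.remaining())
```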

What to do if I lose my YubiKey?

If you lose your Yubikey, you can still use your phone authenticator app, but you cannot create a backup Yubikey. However, Yubikey also provides methods to recover your account, so you can get a replacement. An advantage to Yubikey is that it comes on a USB that cannot be identified.

What if someone steals my YubiKey?

If a token has been lost or stolen, please report this to the ITS Service Desk by submitting an IT request so that the token can be recorded as lost. This ensures it can no longer be used to access your UQ account or resources.

Can you duplicate a YubiKey?

Please note that for security reasons, the firmware of our products does not allow stored secrets to be read, meaning it is not possible to “clone” or "duplicate" a YubiKey. In general, the process of creating a backup involves manually registering the spare key with all services the first is registered with.

What happens if you lose access to Authenticator app?

What if I can't access the computer, smartphone or authenticator app? If you no longer have access to the device you need for the multi authentication factor or cannot use the authentication app for other reasons, you will need to deactivate 2-factor authentication using the secret key generated during setup.

Is Google Authenticator backed up by iCloud?

Cloud-sync the authenticator app

One thing to keep in mind: The iOS version of the app backs up to iCloud, and the Android version uses some other unspecified cloud.

How do I recover data from Google Authenticator?

Recover an account
  1. Sign in to your Google Admin console. ...
  2. In the Admin console, go to Menu Directory. ...
  3. Click the user you want in the list. ...
  4. Click Security.
  5. Click 2-step verification. ...
  6. Click Get Backup Verification Codes.
  7. Copy one of the verification codes.
  8. Send the backup code to the user in an IM or text message.

Can hackers get through Google Authenticator?

Authenticator apps

The authenticator method uses apps such as Google Authenticator, LastPass, 1Password, Microsoft Authenticator, Authy and Yubico. However, while it's safer than 2FA via SMS, there have been reports of hackers stealing authentication codes from Android smartphones.

Can YubiKeys be tracked?

YubiKeys can be easily numbered, tracked, and managed as a state asset. If a user leaves the organization, the YubiKey can be quickly and securely reassigned to another user.

What happens if you lose your YubiKey Coinbase?

If you lose it, you're locked out of your house. It's the same concept with a Yubikey. You can buy 2 keys, and register both to unlock the same things so you have a backup in case one gets lost or stolen.

Can you overwrite a YubiKey?

You can overwrite an already-programmed YubiKey in any of the normal AuthLite programming interfaces. You will see an additional dialog warning you that the old information on the key will be destroyed (Except in the bulk Key Programmer, which overwrites key data without warning).

Can 2 people use the same YubiKey?

A Yubikey can be used for an unlimited number of accounts if you're using WebAuthn. You also have an unlimited number of accounts for U2F. If you're using your Yubikey for TOTP, you can only hold 32 accounts.

Is it OK to leave YubiKey plugged in?

Do I need to keep my yubikey plugged in all the time? A. No, you only need to insert your yubikey when you are prompted to do so during login. Leaving it plugged in could result in the yubikey being lost or damaged.

How long does a YubiKey last?

The internals of the YubiKey's security algorithms currently limits each key to 30+ years of usage. The Yubikey is powered by the USB port and therefore requires no battery and there is no display on it that can break. The key itself will survive years of daily use.

Can a YubiKey be reset?

If you are using Windows 10 you will need to run YubiKey Manager as administrator*. Navigate to Applications > FIDO2. Click Reset FIDO, then YES. Follow the prompts from YubiKey Manager to remove, re-insert, and touch your key.

How do I find my YubiKey secret key?

To view the credential, tap and hold your YubiKey on the back of your phone where the NFC antenna is located. Yubico Authenticator displays the six digit code associated with this credential. This is the code you need to enter to authenticate when using two-factor authentication.

Can hackers hack YubiKey?

> A Yubikey can be hacked to send arbitrary keystrokes - but that's of limited usefulness.

How to recover an Instagram account with a lost two factor authentication code?

To cancel your current backup codes and get a new set of codes:
  1. Tap your profile picture in the bottom right to go to your profile.
  2. Tap at the top.
  3. Tap Privacy and Security.
  4. Scroll down to Two-Factor Authentication, then tap Edit Two-Factor Authentication Setting.
  5. Tap Get Backup Codes, then tap Get New Codes.

How do I find my Google Authenticator backup code?

Create & find a set of backup codes
  1. Go to your Google Account.
  2. On the left, click Security.
  3. Under "Signing in to Google," click 2-Step Verification. You may need to sign in.
  4. Under "Backup codes," click Continue.
  5. From here you can: Get backup codes: To add backup codes, click Get backup codes.

What if you lose your phone with two-factor authentication?

If you didn't save your backup codes, and you've lost the phone that you use for 2-factor authentication – try calling your phone network to transfer your old number over to a new phone. You'll need a new SIM card for that, and it could take a day or two for it to activate.

How do I bypass 2 step verification?

Allow 2-Step Verification
  1. Open your Google Account.
  2. In the navigation panel, select Security.
  3. Under “Signing in to Google,” select 2-Step Verification. Get started.
  4. Follow the on-screen steps.

Can you hack Instagram after two-factor authentication?

The limitations of Two-Factor Authentication

However, this unfortunately is not the case - so don't get complacent with your Instagram security. Although 2FA is another layer of security, it is not a perfect solution. MFA, like every security tool, is not unhackable.


Author: Wyatt Volkman LLD
