Two-factor authentication has become an essential security measure for many people, but it can also be a source of anxiety. When you switch or update phones, Google Authenticator does not automatically migrate the codes ̵
Moving Google Authenticator to a new phone
Do not make any changes to the copy of Google Authenticator before your old phone. Leave it for now, otherwise you might get caught without the ability to enter 2FA codes before the new phone is set up. First, install Google Authenticator on your new device – either Google Authenticator for iPhone or Google Authenticator for Android.
Next, you need your computer. Open Google's 2-Step Verification page in a browser and sign in to your Google Account when prompted. In the Authenticator app section of the page, click Switch Phone.
Select the type of phone to which you are migrating and click Next.
Now the "Authenticator Setup" screen should be displayed with a barcode Open Google Authenticator on the new phone and follow the barcode scanning instructions Tap "Setup" and then click "Scan barcode."
Time code to verify functionality.
Transfer your Google Authentication Codes to other sites.
Congratulations! You now have the Google Authentication Code transferred to the new phone. The only service you set up is Google. You've probably connected quite a few other apps and services to Google Authenticator – perhaps Dashlane, Slack, Dropbox, Reddit, or others. You must migrate these one at a time. This is the time-consuming part to which we have already referred.
However, the whole process is straightforward, even if you need to search a bit for the settings. Select a website or service listed in your old version of Google Authenticator (on the old phone) and sign in to the website or open the app. Find the 2FA setting on this site. It's probably in the account, password, or security section of the site. However, if the service has a mobile or desktop app, it may be there. For example, Dashlane's 2FA settings are located in the desktop app, not on the website, while Reddit inserts the 2FA controls on the site in the User Preferences menu on the Privacy and Security tab.
Once If you find the right controls, disable 2FA for this site. You'll likely need to enter the password for the site or possibly the authentication code, so you'll want to have the old phone and its copy of Google Authenticator handy.
Enable 2FA again Scan the QR code with Google Authenticator on the new phone. Repeat this process for each site or service listed in your old copy of Google Authenticator.
Enable 2FA on multiple devices simultaneously.
In a perfect world, you can use 2FA to authenticate your credentials with a mobile phone or confirm another device that you have with you all the time and to which only you have access. This makes it very difficult for hackers to fake the system, because for bad guys (as opposed to getting code through SMS, which is not very secure), there's no easy way to get second factor authorization through a local app is provided only in your pocket.
Here's what happened behind the scenes. When you add a new site or service to Google Authenticator, a secret key is used to generate a QR code. This will tell your Google Authenticator app how to generate an unlimited number of time-based one-time passwords. Once you've scanned the QR code and closed the browser window, that particular QR code can not be regenerated and the secret key is stored locally on your phone.
If Google Authenticator was able to sync across multiple devices, then the secret The key or the resulting authentication code would need to be stored somewhere in the cloud, making it vulnerable to hacking. Because of this, you can not sync your codes on Google across devices. However, there are two ways to manage authentication codes on multiple devices simultaneously.
When you add a site or service to Google Authenticator, you can scan the QR code on multiple devices at the same time. The website that generates the QR code does not know (or is not interested) that you have scanned it. You can scan it on any number of additional mobile devices, and every copy of Google Authenticator that you scan with the same barcode generates the same six-digit code.
This is not recommended. First, multiply your authentication codes to multiple devices that can be lost or stolen. However, since they are not really in sync, there is a risk that the different devices will not be synchronized with each other. For example, if you disable 2FA for a particular service and need to re-enable it on only one device, you might not know which device has the most up-to-date and correct authentication code. It's a disaster waiting for you.
Making Authy Easier
allows you to synchronize your authentication codes across devices – this is simply not possible with Google Authenticator. If you want the flexibility to have all your 2FA codes on multiple devices, we recommend Authy. It works with all websites and services that use Google Authenticator and encrypts the codes with a password you specify and stores them in the cloud. This greatly simplifies the migration of multiple devices and encrypted cloud-based synchronization provides a balance of security and convenience.
With Authy, you do not need to set up two-factor authentication for all devices to a new phone each time you switch. We recommend switching from Google Authenticator to Authy to simplify the migration process for new phones in the future.
RELATED: How to Set Authy for Two-Factor Authentication (and Synchronize Your Codes Between Devices)