Two-factor authentication has become an essential safety precaution for many people, but it can also be a source of anxiety. When you change or upgrade phones, Google Authenticator does not automatically migrate codes. You must do it manually.
Fortunately, it is not difficult to transfer Google Authenticator codes from one phone to another, even if it is true that it can be tedious and tedious. Google had planned this, more or less, by design. It should not be too easy to retrieve authentication codes from anywhere, except for the device you are using for your two-factor authentication, otherwise the entire value of 2FA would be irrelevant.
However, here's what you need to know to get Google Authenticator (and all your authentication codes) from one old phone to another. Whether you skip platforms or stay in your iOS or Android worlds, the process is the same.
Move Google Authenticator to a new phone
First, do not do anything to copy Google Authenticator on your old phone. Leave it for now, otherwise you may be caught without a way to enter 2FA codes before the new phone is set up. Start by installing Google Authenticator on your new device, either Google Authenticator for iPhone or Google Authenticator for Android.
Then you will need your computer. Open Google's two-step verification page in a browser and sign in to your Google Account when it asks you. In the "Authentication Application" section of the page, click "Change Phone."
Choose the type of phone to which you are migrating and click "Next".
You should now see the "Configure Authenticator" screen, with barcode. Open Google Authenticator on the new phone and follow the instructions to scan the barcode. Press "Configuration" and then "Scan a barcode".
After the analysis, you will want to enter the single-use code to verify that it is working.
Transfer your Google authenticity codes to other sites
Congratulations! You have now moved the Google Authentication Code to the new phone, but that's it; The only service you have set up is Google. You probably still have many other applications and services connected to Google Authenticator, such as Dashlane, Slack, Dropbox, Reddit or others. You will need to migrate each of these, one at a time. This is the tedious part to which we alluded earlier.
But the overall process is simple, even if you have to search the parameters a bit. Choose a site or service listed in your old copy of Google Authenticator (on the old phone) and log in to its website or open the application. Look for the 2FA setting for this site. This is probably in the account section, password, or website security, though, if the service has a mobile or desktop app, it may be in place instead. Example: Dashlane's 2FA settings are located in the desktop application, not on the website, while Reddit places 2FA controls on the site in the "User Settings" menu, in the "Privacy" tab. and security ".
Once you have found the right controls, disable 2FA for this site. You will probably need to enter the password of the site, or possibly the authentication code. That's why you'll want the old phone and its copy of Google Authenticator.
Finally, reactivate 2FA by scanning this time the QR code with Google Authenticator on the new phone. Repeat this process for each site or service listed in your old copy of Google Authenticator.
Enable 2FA on more than one device at a time
In a perfect world, 2FA allows you to confirm your identification information with the help of a mobile phone or other device that you carry all the time and to which only you have access. It is therefore very difficult for hackers to spoof the system because (unlike obtaining codes via SMS, which is not particularly secure), the bad guys do not have easy way to get your hands on a second factor authorization delivered via a local app only in your pocket.
Here's what's going on behind the scenes. When you add a new site or service to Google Authenticator, Google Authenticator uses a secret key to generate a QR code. This, in turn, tells your Google Authenticator app how to generate an unlimited number of unique, time-based passwords. Once you have scanned the QR code and closed the browser window, you can not regenerate it and the secret key is stored locally on your phone.
If Google Authenticator was able to sync across multiple devices, the secret key or the resulting authentication credentials should reside somewhere in the cloud, making it vulnerable to hacking. That's why Google does not allow you to sync your codes from one device to another. However, there are two ways to keep authentication codes on multiple devices at once.
First, when you add a site or service to Google Authenticator, you can scan the QR code on multiple devices at once. The website that generates the QR code does not know (or is concerned) that you have scanned it. You can scan this one on any number of additional mobile devices. Each copy of Google Authenticator that you scan from the same barcode generates the same six-digit code.
We do not recommend doing it that way, though. First, you multiply your authentication codes on multiple devices that may be lost or stolen. But most of all, because they are not really synchronized, you run the risk of desynchronizing the different devices. If you need to disable 2FA for a particular service, for example, and then re-enable it only on a device, you may not know which device has the latest and most correct authentication codes. It's an impending disaster.
Use Authy to make it easier
It is possible to synchronize your authentication codes on multiple devices. You can not do it with Google Authenticator. If you want to have all your 2FA codes on multiple devices, we recommend Authy. It works with all sites and services using Google Authenticator, encrypts codes with a password that you have provided, and stores them in the cloud. This greatly facilitates the migration of multiple devices, and encrypted synchronization in the cloud balances security with convenience.
With Authy, you do not need to set up two-factor authentication for all your devices every time you switch to a new phone. We recommend switching from Google Authenticator to Authy to ease the migration process for new phones in the future.