Question about Google Authenticator

[WarriorX]

I have a few other sites/services that use google authenticator. I was wondering that if I get a new phone when I re add the authenticator app will other sites I use transfer as well and appear on the list? Tried googling this answer but nothing I could find seemed to answer the question.

 

[mnewxcv]

You need to redo everything.

 

[WarriorX]

You need to redo everything.

Thanks for the answer.

Anybody that uses 2FA, whats your backup plan so you can restore your access to your services if something happens. I have the backup codes that some sites offer but not all do... (aka Humble Bundle).

 

[mnewxcv]

Thanks for the answer.

Anybody that uses 2FA, whats your backup plan so you can restore your access to your services if something happens. I have the backup codes that some sites offer but not all do... (aka Humble Bundle).

how can a site offer 2fa with authenticator without backup codes? Pretty sure all of mine do.

 

[mvmiller12]

What I have done in the past when I needed to switch phones, was while I still had the old phone operational and in my possession:

Log into each site using the authenticator and turn 2FA off.

Put the sim card an in the new phone and load up authenticator and re-enable 2FA again for each site.

 

[antok86]

What I have done in the past when I needed to switch phones, was while I still had the old phone operational and in my possession:

Log into each site using the authenticator and turn 2FA off.

Put the sim card an in the new phone and load up authenticator and re-enable 2FA again for each site.

This is what I have been doing

 

[ChronoReverse]

This is why I use Authy now and migrated everything over. This way if I go to a new phone, I don't need to re-setup everything.

 

[WarriorX]

Thanks for the answer.

Anybody that uses 2FA, whats your backup plan so you can restore your access to your services if something happens. I have the backup codes that some sites offer but not all do... (aka Humble Bundle).

The list of sites that don't is small, the only one I know of is Humble Bundle. Couldn't find the option anywhere. I recently removed 2FA from the site because of it.

 

[CHANG3D]

I use LastPass Authenticator. It's like Authy. Your 2FA codes migrate with your LastPass account.

 

[mnewxcv]

I use LastPass Authenticator. It's like Authy. Your 2FA codes migrate with your LastPass account.

But isn't that less secure?

 

[CHANG3D]

To log into the lastpass authenticator on a new device, you'll need your old device or a security code will be sent to your backup device (most likely an SMS to the phone number attached to your account). So if hackers not only have your lastpass password but also your phone, you're fubarred regardless.

 

[mnewxcv]

To log into the lastpass authenticator on a new device, you'll need your old device or a security code will be sent to your backup device (most likely an SMS to the phone number attached to your account). So if hackers not only have your lastpass password but also your phone, you're fubarred regardless.

I mean I'm sure that's plenty secure for what I need, just less secure than Google authenticator.

 

[FrgMstr]

Yep, turn it off or get a code before you roll over to a new phone. Will save you a LOT of time in the end. Easier to just turn 2FA off.

 

[Vermillion]

But isn't that less secure?

Much less secure since you're relying on a 3rd party to protect your 2FA information. Screw that.

I take my QR codes and print them when I first generate them. No labels or anything. It's just a folder in my lockbox. New phone I just pull out the file and scan all the codes.

 

[mnewxcv]

Much less secure since you're relying on a 3rd party to protect your 2FA information. Screw that.

I take my QR codes and print them when I first generate them. No labels or anything. It's just a folder in my lockbox. New phone I just pull out the file and scan all the codes.

you know what they say about having that stuff physical, and lock boxes can be broken. I think we can all agree the best practice is to memorize the QR codes and then draw them out when you get a new phone.

 

[illram]

I thought you could move it over to a new phone by logging into your Google account on a computer? Does that not switch over all the authenticator codes to the new device?

 

[MoshEne]

You can now transfer your 2FA accounts using this method here

 

[kirbyrj]

^^^ Thread necro, but that's how I transfer Google authenticator accounts from one phone to another.

 

[hmz]

I use the MS authenticator which backs up everything to the cloud. I've used Google Authenticator and it was a major pain in the ass to recover everything when switched phones. Never again.

 

[pyr02k1]

I went a different way, GA and switching phones sucked in the past. Lastpass did make that easier, but it still wasn't perfect for me. Authy does the trick, but again it meant I was still using 2 apps and had to grab my phone each time. Bitwarden is where I ended up and it keeps the 2FA in itself. Makes life a ton easier, but at the compromise that it's not a separate app and it propagates across devices. The benefit is what I hoped Lastpass Authenticator would be when I originally used it, I don't need to pick up my phone and load the app to get the code. If I autofill a page, it copies the 2FA code automatically and that can be pasted in. Obviously you need your master password to unlock the vault, and good practice would be setting the timeout and clearing of clipboard low enough to remain functional without compromising your security further.
Another great aspect is the family sharing also shares the 2FA codes. My wife can log in to my employee discount page with the login utilize the 2FA code to get in without needing to ask me to provide one. The pitfall is clearly that she has access to the unique password assigned to said work account, but since I know her timeouts are proper, it's not world ending in my opinion (even if against company policy).