Two-factor authentication (2FA) is one of the best and easiest ways to keep your online accounts secure. It works by issuing an authentication code on your phone when somebody tries to access the account; if that person doesn’t have the code, they (or you) don’t get in. By using a 2FA app, such as Google Authenticator or Authy, you can prevent somebody from accessing your data by getting your password. (You can have a code texted to you, but that is considered far less secure due to the rise of so-called SIM hacking.)
You can use sync for an easy transfer or go with an older — but possibly more secure — method.
Google Authenticator lets you establish 2FA by using your phone to scan a QR code generated by the app on a separate device or by entering a key code. It’s a relatively easy process.
Except there used to be a catch. Because 2FA uses a key specific to your phone, if you lost or broke your phone, you couldn’t simply reinstall the app on your new phone and go on from there. You needed to transfer the key code for that phone as well as the app itself.
However, as of April 2023, Google updated its Authenticator app for Android and iOS (to version 6.0 and 4.0, respectively), which should make this process much easier. Now the app will automatically sync your codes to a new phone and any other devices that are signed in to your Google account.
Setting up Authenticator to sync
For anyone who has ever lost a phone, syncing your authenticator codes is an enormous time-saver. Moving your Authenticator codes to a new phone is an awkward process at best. Automatically syncing your codes is a lot easier.
On the other hand, there have been some assertions that the process doesn’t include end-to-end encryption. In addition, there is the possibility that if somebody gets hold of one of your devices (and can get past your device’s security), they may be able to use it to access your 2FA app.
You do have a choice, however. When your version of Authenticator is upgraded, you will get a “Welcome” page that asks you to sign in to your account.
- If you do want to sync your account to Authenticator and thus be sure that you will always be able to easily access your 2FA codes, just tap on the blue Continue as [your name] button, and you’re set.
- If you don’t want to connect Authenticator to your accounts so that it will move to all your devices automatically, select the link Use Google Authenticator without an account, which will be under that blue button.
Either way, you can change your mind at any time and either enable syncing with your Google account or remove the sync. Here’s how.
When Authenticator updates to version 6, a welcome page lets you sync your codes to your Google account. Or not.
You can change your mind and use Authenticator without connecting it to an account by going to the app’s settings.
- Open your Google Authenticator app.
- If the app is connected to your Google account, you’ll see a cloud with a little green checkmark next to your personal icon in the upper right. If you’re not syncing, the cloud will be gray with a slash through it.
- If you’re currently syncing and want to stop, tap on your personal icon. You’ll see a pop-up menu (which will also let you manage your current Google account and manage all the accounts on your device). Select Use without an account.
- A second pop-up will ask if you want to use Authenticator without an account. Click Continue, and your codes will be removed from your Google account and all your other devices, except the device you are on. If you are currently not using sync, you will be asked if you want to.
- If you’re not syncing and want to start, tap on the “person” icon in the upper right (it won’t be a personal icon, since you’re currently not synced with any account). Tap on the account you want to sync with.
- A second pop-up box will ask Start saving codes to this account? Select Allow.
Using Authenticator without sync
If you decided not to use sync, then the easiest method, especially if you use 2FA with several apps, is to use the Authenticator app’s dedicated transfer feature to move your keys from one phone to the other. However, there are two assumptions here: first, that you have access to both the old and new phone, and second, that you have Android devices. If either of these assumptions doesn’t work for your situation, there are other methods you can use, which we’ll cover next. But first, the easy method.
Transfer your Authenticator keys via Android
If you’ve got two Android phones, you can transfer your accounts to a new phone by exporting them via a QR code generated by the Authenticator app.
- Install Google Authenticator on your new phone.
- Tap Get started.
- Tap Scan a QR code. You’ll get a grid and instructions to Place QR code within red lines.
- Open Google Authenticator on your older phone.
- Tap on the three dots on the top right of the screen and select Transfer accounts.
- Select Export accounts. You may be asked to verify your identity via a fingerprint, password, or another method.
- Uncheck any accounts you don’t want to export. Tap Next.
- You’ll be shown a QR code. Center it in the grid on your new phone.
- You should see the imported app now listed in your Google Authenticator app on the new phone. (Note: the app will not be deleted from your old phone.)
Alternative method #1: Use your backup codes
When you first set up Google Authenticator, you may be given a set of backup codes and asked to print them out or otherwise save them. And you definitely do want to save them; print them out and put them somewhere safe or create a PDF and save it where nobody else can access it. If your phone goes south, these codes will be a good way to reestablish authentication on your new phone — assuming, of course, you haven’t misplaced the codes.
This is also the way to reestablish your keys on a new iPhone.
If you missed that step during the installation, you can get those backup codes anyway. For that, you have to go into your Google account and then follow these steps:
- Click on Security in the left-hand column.
- Scroll down to and select 2-Step Verification. You’ll probably have to enter your password.
- Scroll down to Backup Codes and click on Show Codes.
- You’ll get a list of 10 codes. Each code can be used once; if you use them all, you can get more by clicking on Show Codes and then on Get New Codes.
Alternative method #2: Take a screenshot of the barcode
One way to create a backup in case you lose your phone is to take and save a screenshot of the barcode that is created for each 2FA-secured app. If you’ve mislaid your backup codes, but you’ve saved a screenshot of the QR barcode that you originally used to create your app’s authentication, you can use that screenshot to establish your credentials on a new phone.
Just throw the screenshot up on your computer, install Google Authenticator on your new phone, and use the plus sign on the app to scan the barcode. (You can also enter the setup key code if that’s what you saved.) Do this for each of your apps, and you’ll be all set.
Update April 28th, 2023, 12:05PM ET: This article was originally published on September 2nd, 2020; the directions for transferring between Android phones have been updated, and the new sync feature has been added.
How to transfer your Google Authenticator 2FA to a new phone