A few days ago I activated two-step verification for an email account because there was a notification that someone was trying to log in to my email. These steps require me to know how to back up Google Authenticator on my Android phone. Chances are you’ve all done it too.
We highly recommend implementing two-step verification whenever possible. In the contemporary world, where database leaks are a stand-alone problem that makes data security in the cloud and its privacy important, two-step authentication is not an option; it is a must.
If you use two-factor verification, the hacker will need both the unique password you created and the gadget that generates the verification code to get into your account. Thus, two-factor authentication protects against brute force, keyloggers, and most cases of phishing and social engineering. It also complicates man-in-the-middle and man-in-the-browser attacks.
So why is two-factor verification still unpopular? Sure, this creates an extra step to take to log in, but most users ignore it not because of this extra time and effort, but because they are afraid of losing access to their credentials if something goes wrong with their authentication device.
“As the world becomes more and more connected, everyone shares the responsibility for securing cyberspace.”
– Newton Lee, Counterterrorism and Cybersecurity: Total Information Awareness
The following is quoted from protectimus.com, a site that covers how to back up Google Authenticator and data security topics like this.
Out of all the available options for one-time password generation or sending (SMS, email, hardware and software tokens), most people choose Google Authenticator or other similar apps like Authy, Protectimus Smart, etc. The operating principle is almost the same for all OTP token software – they generate an authentication code to log into your account directly on your smartphone.
It’s very convenient to use a smartphone for two-factor verification, but there’s always this nagging question: What do you do if you lose the smartphone that generated your one-time password? What happens if you switch phones, do you lose your entire account? How do you transfer Google Authenticator to a new phone? In this article, we will answer these nagging questions and help you protect your invaluable personal data.
3 ways to back up Google Authenticator
1. Backup code
Google, as well as several other websites where you can protect your user accounts with two-step authentication, provides backup codes. A backup code is a one-time use code that allows you to log into your account if you lose access to your OTP token. Once you use a backup code, it’s gone for good. Most people print out these Google Authenticator backup codes and keep them on hand.
It’s important to understand that Google Authenticator is multi-token, so you can register multiple tokens for different websites using a single app. Some of these websites provide backup codes, and users can gain access to these websites if their phone is lost. But what do you do with a website that doesn’t support backup codes?
Another point against Google Authenticator backup codes is that they are only as secure as passwords written on paper. Hackers can easily copy them if they are in physical vicinity and use them to gain access to your account. Granted, hackers have to be among your peers and know user passwords, but you know… things happen.
Other things you might want to keep in mind when printing the backup code:
- You don’t have it all the time
- You can lose paper or destroy it by mistake
- Only a few services provide it
Google Authenticator backup codes have their advantages, but you should also be prepared for their drawbacks.
2. Save a screenshot of the secret key
This is by far the easiest way to never lose access to your account. When you first set up Google Authenticator, just take a screenshot of the barcode with the secret key. Keep the screenshots very safe: if someone around you finds them, they can access your data.
Please remember that if that does happen and someone steals your secret key, they will still need to know your user password, so make sure it’s not an easy-to-guess combination.
3. Programmable hardware token
Created as a more secure alternative to authentication apps, the Protectimus Slim NFC hardware token can be used with Google, Facebook, GitHub, Dropbox, etc. This token is easy to program with an application for Android with NFC support.
Tokens look like credit cards and can be carried around easily, so you will always have an alternative source of one-time passwords, for example, if your smartphone battery runs out, you have reset your phone, or you have deleted tokens by mistake.
Hardware tokens are much more secure than a backup code on paper or a screenshot of the secret key – extracting the secret key from the token is completely impossible. Protectimus Slim NFC allows unlimited reprogramming, so every time you change the token on a service, you simply reprogram it and stay protected.
The main drawback here is that one token only allows one secret key.
How to Transfer Google Authenticator to a New Phone
Use the built-in Google Authenticator Account Transfer feature
If you use Google Authenticator on your Android smartphone, there’s now an easier way to transfer it to your new phone. We are talking about the new “Account transfer” feature that was added to Google Authenticator recently. Unfortunately, this feature is only available for Android phones so far. If you are using an iPhone, please see the instructions in the next paragraph.
There is no need to turn off two-factor authentication on all your accounts and enable it again. Tap a button in Google Authenticator on your old phone and the app will generate a QR code; then scan this QR code with the Google Authenticator app on your new Android phone. That’s it, all tokens will be moved.
Here is a step-by-step guide for your convenience:
- Download and install the Google Authenticator app on your new smartphone.
- Open Google Authenticator on your old Android phone.
- Tap the menu button at the top right of the app and select Transfer account.
- Select Export account.
- Select the account you want to transfer to the new phone and tap Next. You will need to scan this QR code with the Google Authenticator app on your new phone.
- Now open Google Authenticator on your new Android phone.
- Tap the menu button at the top right of the app and select Transfer account.
- Select Import account.
- Scan the QR code that you have on your old phone. The token you selected will be transferred.
Also, you will see an “Account recently exported” notification in your old app. Pay attention to this message. If it wasn’t you who moved the Google Authenticator token to a new phone, take action: replace all the tokens in all your accounts with new ones.
3. Extract Your Credentials Manually [Root Only]
Note: There are many ways to manually transfer Google Authenticator if you have an Android smartphone with root access. We do not recommend using them. Gaining root access can significantly compromise the security of your apps and leave your device vulnerable to viruses and errors.
This is a more time-consuming and effort-intensive way to transfer Google Authenticator keys to another smartphone. It requires you to have root access to the smartphone.
To extract the secret key manually you need to grant adb root access. This is easy to do with an app like [root] adbd Insecure if you have a stock ROM. If you have a custom ROM, you probably already have the necessary adb root access, so no additional apps are needed.
Set adb to insecure mode, either with the application or directly, then connect the smartphone to your PC or laptop and copy the Google Authenticator database to the computer using the command.
This is the pathname:
Once the file is copied, you can open it and see the key using this sqlite editor command:
select * from accounts;
Now you have the secret key and can add it to your new device.
Move Authenticator to another phone using Google account settings
NOTE: You will only transfer Google tokens this way. This method also works for Android phones.
With Google, it is quite easy to transfer the authenticator and all the secret keys in it to another smartphone. All you have to do is go to the two-step verification page, click the “Start” button, enter your password to verify yourself, and click the “Change phone” button. Then scan the QR or barcode, or enter the secret key on another gadget manually. That’s it.
This only works with Google accounts; other accounts where you use Google Authenticator for two-step authentication may not support this option. You will only transfer Google tokens this way, so you might want to try the next two options.
Disable & re-enable Two-Factor Authentication
Disabling two-step verification is pretty easy if you still have your old smartphone. It is usually required to enter the OTP of the currently used token to disable two-factor authentication on any account. To temporarily disable 2FA, simply click the “Turn off 2-Step Verification”, “Remove token”, “Disable 2-step verification” or similar button, depending on the service you are using. You’ll find it on the two-step verification page in the security settings.
Then add an authenticator app to your new gadget and follow the usual steps to set up Google Authenticator on a new phone.
Two-factor authentication is a reliable and sensible way to protect your invaluable personal data. Whether you use a hardware token or an app like Google Authenticator or Protectimus Smart, you now know how to stay safe even if you change devices or lose your smartphone.
We showed you easy ways, like Google backup codes and taking a screenshot of the secret key, and we showed you more secure options like the Protectimus Slim NFC hardware token.
You also now know how to manually extract Google Authenticator data, transfer Google Authenticator to another phone and even turn off two-factor verification if you need to.
So now you have no excuse not to better protect your information. All that’s left to do is create a proper user password that isn’t your cat’s name!
Source: How to Backup Google Authenticator or Transfer It to a New Phone