How to Create a Backup of the Authenticator?
If you lose or break your phone, there will be no access to the authenticator, so creating a backup in advance is wise. The specific method of making a copy depends on your personal preferences and the choice of the authenticator application itself.
Let’s talk about each option.
Is Google Authenticator safe to use? Find out the answer in the article.
How to make a backup copy of 2FA codes?
Two-factor authentication (also known as 2FA) is a helpful tool to prevent hackers from accessing your account. Many applications can store all your 2FA codes in one place. So instead of searching for various 2FA devices and apps to get a login code, you simply download the app and check the code of the site you want to access.
While this is very useful, it causes a problem. What if you want to upgrade your phone and easily transfer all the codes from the old device to the new one. Even worse, what can happen when you lose your phone and all the codes with it. In these cases, it is best to back up the 2FA codes so that you can restore them later.
What is reserved?
The concept of backing up 2FA codes may seem a bit absurd. After all, they expire after thirty seconds — why are we copying them? We did not create backups of real codes — we made a backup of the initial number used to create them.
When using the 2FA code generator, the generated codes are based on the initial number. This initial number is known to both your device and the login server with which you have installed 2FA, and it determines which codes are generated at what time.
When you use the code to log in to the service, the login server checks the code you specified for the one you created. If they match, then it is clear that you are the real deal, and the authorization server allows you to log in.
So if you make a backup of these initial numbers, you can reproduce the code generator on any device you like. So you don’t have to worry about setting up 2FA on all your sites with a new device, just give it the data, and it will produce the codes you need.
Working ways for creating authenticator backup
Method 1: Keep secret keys or QR codes in a safe place
Everyone knows that one-time codes created in special applications are generated using a secret key. This happens after enabling authentication utilizing the app. The generated key consists of 16 characters, with a built-in QR code encoding and scan.
The resulting code can be stored anywhere or even memorized (the safest way). The most common way to store it is to keep it in a safe place. Such a place can be like notes in a messenger or a screen of the QR code of the password stored in secure storage on the device.
This way, you can always quickly find the necessary password or QR code and get access to your account.
How to use QR codes securely? Read the article and stay protected.
Method 2: Export tokens already created in the authenticator
The function of exporting and importing tokens already installed in the application is available only in one authenticator — this is Google Authenticator.
Other applications are likely based on cloud synchronization, so the developers decided to skip this feature. But the cloud will not help those who already use Google Authenticator and would like to try an alternative.
It is elementary and convenient to save tokens in Google Authenticator:
- Find and choose the three dots on the screen.
- Click on the “Export accounts” button.
- Choose the desired accs.
After that, a vast QR code will appear on the screen, which contains all the chosen tokens at once.
Now it just remains to take a screenshot and save the picture in the password manager’s secure storage.
Method 3: Use cloud synchronization of the authenticator app
In addition to Google Authenticator, many authenticator apps have a built-in function of storing a specific key in a cloud and synchronizing authenticators on different devices. However, you need to create an account to use these functions, thereby revealing your phone number and email address.
If you use Microsoft Authenticator, then you don’t need to create a new account. Instead, you can use an already created Microsoft account (if there is none, you will need to make it and then use it for Microsoft Authenticator.)
However, there is still one nuance. Unfortunately, Microsoft Authenticator for iOS saves a copy to iCloud. In comparison, the Android version is in a different location unknown to users.
Therefore, if you want to copy another phone, it will not be easy to do so. You will not be able to restore the authenticator backup automatically. It will be tedious to create tokens for the account again.
Method 4: Install the authenticator application on several devices at once
All time codes are created based on the secret key and the current time. Therefore, each user can have several copies of running authenticator applications at the same time, which synchronously generate the same codes with each other. So, you can always use a spare code.
Remember, it is better to create a backup of the authenticator right away to avoid problems in the future.