11 upvotes, 9 direct replies (showing 9)
View submission: How to keep your Reddit account safe
Is Google authenticator tied to my mobile device or to my Google account? Meaning if I lose my current phone, can I still use Google authenticator on a different device, or do I absolutely *have* to use a backup code?
Comment by IanPPK at 06/05/2019 at 21:01 UTC*
5 upvotes, 1 direct replies
Google Authenticator stores information locally on the device and is not cloud synced. At the end of the day Google's two-factor authentication is only a key generation based on a locally stored seed that a generator references, and there are other applications such as LastPass Authenticator for one that allow you to sync your two-factor authentication seeds with their service.
I recently had to move my seeds from my Nexus 6 on Google Authenticator which was fortunately rootable and so I was able to actually use an SQLite reader to pull the keys from the database directly in a secure manner. I can honestly say that it was a much easier process than having to deactivate 2FA and then reactivate it for each service I use, but you have to be careful.
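Added example, not part of IanPPK's comment or of any app mentioned in the thread: a minimal RFC 6238 TOTP generator in Python showing why the codes follow the locally stored seed rather than the Google account. The seed is the published RFC 6238 test key, and the `Device` class, `compare_devices` function and device names are hypothetical.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample seed: the RFC 6238 SHA-1 test key, base32-encoded the way
# authenticator apps store and display seeds. Never use it for a real account.
SEED = base64.b32encode(b"12345678901234567890").decode()


def totp(seed_b32, unix_time, step=30, digits=6):
    """Return the RFC 6238 (HMAC-SHA1) code for a base32 seed at unix_time."""
    cleaned = seed_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)            # seeds are often shown unpadded
    key = base64.b32decode(cleaned)
    counter = struct.pack(">Q", unix_time // step)  # 30-second window number
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Device:
    """Hypothetical phone: it can only produce codes if it holds the seed."""

    def __init__(self, name, seed_b32=None):
        self.name = name
        self.seed_b32 = seed_b32

    def code(self, unix_time):
        if self.seed_b32 is None:
            raise LookupError(f"{self.name}: no seed stored, use a backup code or re-enroll")
        return totp(self.seed_b32, unix_time)


def compare_devices(unix_time):
    """Old phone, new phone with the seed copied over, new phone restored without it."""
    old = Device("old-phone", SEED)
    migrated = Device("new-phone-seed-copied", old.seed_b32)
    restored = Device("new-phone-app-only")
    result = {"old": old.code(unix_time), "migrated": migrated.code(unix_time)}
    try:
        result["restored"] = restored.code(unix_time)
    except LookupError:
        result["restored"] = None
    return result


if __name__ == "__main__":
    print(compare_devices(59))
```

Anyone who holds a copy of the seed generates the same codes, so an exported seed or backup file needs the same protection as the second factor itself.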
Comment by worstnerd at 06/05/2019 at 17:50 UTC
11 upvotes, 1 direct replies
Here is a page[1] that might answer your question
1: https://support.google.com/accounts/answer/1188780
Comment by electricity_is_life at 06/05/2019 at 18:26 UTC
7 upvotes, 1 direct replies
Google Authenticator is tied to your physical device. It's meant to be a replacement for a YubiKey or similar. The whole point is to prove that you have the actual object.
Comment by Krunk_Fu at 06/05/2019 at 18:09 UTC
4 upvotes, 0 direct replies
It wasn’t for me. I changed phones in January and the restore brought back the Google Authenticator but none of the TOTPs were there. I moved to using the LastPass authenticator since I already use LastPass and it backs up the TOTPs and can restore them. Also it will auto fill in the PIN on sites like Amazon, etc.
Comment by me-myself_and-irene at 06/05/2019 at 20:28 UTC
3 upvotes, 0 direct replies
Yes, you can still use Google authentication if you lose your phone, but it can take several days.
https://support.google.com/accounts/answer/185834?hl=en
Comment by Sovos at 06/05/2019 at 21:20 UTC
2 upvotes, 0 direct replies
Ideally, you save your backup codes somewhere safe like a password manager.
Alternatively, you can use an OTP app like Authy to have an easy way to move between devices without having to resync each account.
Just keep in mind Authy is not open source and is a (free) product of Twilio.
Open source can have its own issues with security updates and auditing, so just be aware of where your software is coming from and the motivations of its authors.
Comment by Natanael_L at 06/05/2019 at 18:02 UTC
3 upvotes, 0 direct replies
Google authenticator the app isn't backed up by default! Need to back up those codes manually
Comment by Swedneck at 07/05/2019 at 15:52 UTC
2 upvotes, 0 direct replies
I'd recommend using something like andOTP and making an encrypted backup. andOTP is completely free and open source, and available on F-Droid.
Comment by p3numbra_3 at 07/05/2019 at 01:09 UTC
2 upvotes, 0 direct replies
Before moving to gauth, check andOTP FOSS app with encrypted backup capabilities.