Advice Request Why does Google Authenticator not backup its own codes?

Please provide comments and solutions that are helpful to the author of this topic.
I Walk MY Way

I Walk MY Way

Level 8
Thread author
Verified
Well-known
Forum Veteran
May 27, 2013
337
1
1,636
669
long story short
My phone an Android 12 got hacked I used two apps for f2a authentication for website's and forums ect
1 was google authenticator and the other was Avira password manager As a result of the hack I did a factory reset, after the reset with everything updated
I discovered that the google authenticator app was empty no authentication codes.
When I tried Avira the authentication codes were all accounted for so My guess is they were backed up to Avira cloud system.
So my question is why dose google authenticator not backup its own codes?
 
  • Like
Reactions: piquiteco and Jack
Google Authenticator does not automatically backup its codes to the cloud because it was designed with security in mind. By not storing the codes anywhere else, it ensures that only the user has access to them, reducing the risk of a third party accessing them. However, this also means that if the device is lost or reset, the codes will also be lost unless the user manually backs them up to a separate location. On the other hand, Avira Password Manager is designed to securely store and sync your passwords and authentication codes across multiple devices, which is why your codes were still available after the factory reset.
 
  • Like
  • Applause
Reactions: brambedkar59, Jack, The_King and 1 other person
How do you manually back Google Authenticator codes them up to a separate location
 
  • Like
Reactions: Jack
Mod Edit: I have changed your thread title as your question does not reflect to Avira, but more over to Google.

Googles Authenticator only offers Device-to-Device account transfers which is suited for switching phones, not for standalone backups.

Avira Password Manager appears to work similar to Bitwarden Authenticator (TOTP) | Bitwarden Help Center which lets users store 2FA/TOTP codes, without needing to use another Authenticator app. And it's why all your data appears when you login to your Avira account after a factory reset. All data is stored in the cloud.
  • As you seem satisfied by Avira Password Manager, you could switch all 2FA over to them.
  • Another option would be Microsoft Authenticator which offers cloud backups for ease of use. All data is stored in the cloud.
  • For more control and better privacy, some Authenticator apps lets users manually backup their codes. Users hold their keys.
  • Hardware security keys are the best choice, but not ideal for everyone.
You can switch from Google Authenticator to another app/service using the generated backup codes from when you first enabled 2FA on the sites/apps. These single-use codes can be used to authenticate yourself into the sites that have been affected by Google Authenticator, where you can switch to another 2FA app. If you are locked out, contacting the sites Support might be able to help you get back into your account(s).
 
  • Like
  • Love
Reactions: brambedkar59, I Walk MY Way, Jack and 4 others
I Walk MY Way said:
How do you manually back Google Authenticator codes them up to a separate location
Click to expand...

You can use a 2nd authenticator which supports codes backup. From Google Authenticator export the codes and import by the other authenticator

For me I copied the codes to a Word file
 
Last edited:
  • Like
Reactions: piquiteco, I Walk MY Way and MuzzMelbourne
I Walk MY Way said:
How do you manually back Google Authenticator codes them up to a separate location
Click to expand...
To manually back up the codes generated by Google Authenticator, you have a few options:

1. Write down or print out the codes: When you first set up two-factor authentication with Google Authenticator, you are given a set of backup codes. You should keep these codes in a secure location so that they cannot be easily accessed by anyone else.

2. Export the codes to a different device or a cloud storage service: To export the codes from the Google Authenticator app, open the app and tap on the three dots in the upper-right corner. Choose "Export accounts" and then choose the location where you want to save the exported file, such as your Google Drive or another cloud storage service.

3. Use a third-party app to sync the codes across devices: There are third-party apps available that can help you sync your Google Authenticator codes across multiple devices. For example, Authy is a popular authentication app that allows you to backup your codes and sync them across devices. To set this up, you'll need to download the Authy app, go through the setup process, and then transfer your Google Authenticator accounts to Authy.
 
  • Hundred Points
Reactions: I Walk MY Way
I Walk MY Way said:
I discovered that the google authenticator app was empty no authentication codes.
Click to expand...
Yes, it happened to me as well a long time ago. One reason why Google Authenticator does not have backup capability built into the app is for security reasons. By not backing up the codes, it makes it more difficult for hackers to gain access to your accounts if they manage to steal your phone or gain access to your Google account.
Similar to you, I always thought that the profile/codes will be backed up on my Google account. I'm currently using Microsoft Authenticator as it has a backup feature built-in.
 
  • Like
  • +Reputation
Reactions: brambedkar59, Jonny Quest, piquiteco and 3 others
Alexai said:
hallo @MuzzMelbourne
Do you use 2FAS . com? Is it good enough?

Twilio Customer Data Exposed after its Staffers got Phished Ouch!
Click to expand...
Yes, but I got it through the app store. Wasn't even aware of the URL you listed, but it looks the same to me.

Its "good enough" for me. Been using it since it was released, never had a problem. Never not been able to use it where Google or Microsoft authenticator's are suggested(even use it on Google stuff).

Plus, it's Open Source, free and really easy to use.

Happy to recommend it for what that's worth.
 
  • Thanks
Reactions: Alexai

You may also like...