If you’re reading this, you have probably bought a new iPhone. Congratulations! Now, the question is how to transfer Google Authenticator to new iPhone so as not to lose access to all accounts you protect with multi-factor authentication.
We’ll talk about Google Authenticator for iOS here, but the same works for Android smartphones. Though, if you need to move Google Authenticator from one Android smartphone to another, better use it’s in-built function Transfer Accounts. It allows you to switch Google Authenticator to a new phone in a few clicks moving all the tokens you use at once. Unfortunately, this function is available only on Android so far.
And while we are waiting for the same update in the iOS Google Authenticator version, let’s figure out what methods of Google Authenticator transfer to a new iPhone are available to us now.
The first thought of an average GA user is to simply delete the application from the old iPhone and set up Google Authenticator on new iPhone. However, it’s critical not to do this. Ensure you’ve moved all the OTP tokens to your new smartphone first. If you just delete the Google Authenticator app from the old iPhone and reinstall the application on the new one, your 2FA tokens will be deleted without the possibility to restore and you’ll have to face the complicated process of accounts recovery. On different websites, it’s a different procedure but don’t doubt that it is always long term and painful. Most likely, you’ll have to apply to the support center of every website and prove your identity.
There is a simple way to transfer Google Authenticator to new iPhone, which is described below, but it works only for the 2FA token you use to access your Google Account. If you use iOS Google Authenticator to authenticate on other websites, you’ll have to switch off the 2-factor auth and then turn it on from scratch on these services enrolling new tokens in the new authenticator app manually. Of course, your old iPhone with Google Authenticator is required to login to all these accounts. Furthermore, sometimes you’ll be asked to enter the current OTP password to deactivate MFA. So don’t delete the app from the old phone until you transfer all the tokens from Google Authenticator to a new iPhone.
How does Google Authenticator work
At first, let’s understand the modus operandi of Google Authenticator for iPhone. This will help us to explain what to do to make the process of Google Authenticator transfer to new iPhone smooth and easy. And even more, knowing how the iPhone authenticator app works, you’ll understand how to backup Google Authenticator you use on iPhone.
Google Authenticator generates time-based one-time passes using the Time-based One-time Password Algorithm (TOTP). It means that two parameters are used to generate the OTP code: a unique code, which is usually called a secret key or a seed, this code is shared between the token and the authentication server, and the current time interval. Time intervals are counted from UNIX time, which started at 00:00 on January 1, 1970.
Thus, every 30 seconds Google Authenticator application divides the number of seconds from January 1, 1970, to 30, takes the resulting number, combines it with the seed, processes this data according to the TOTP algorithm, hashes the result, and truncates it to 6 digits – this is an OTP code we see.
As you understand, the key element in setting up Google Authenticator on a new iPhone is a shared secret key. If you know the shared secret, you can recreate the 2FA token. Note, if you save the seed you used to enroll every token you use in some safe place, you’ll create a kind of Google Authenticator backup, but not the safest one.
How to transfer Google Authenticator to a new iPhone in Google service
Below is the guide for moving Google Authenticator to new iPhone. You’ll need your old iPhone, your new iPhone, and a computer or laptop.
NOTE! Please, don’t delete the Google Auth from your old iPhone before you install and check it on a new iPhone!
- Download the Google Authenticator app and install it on your brand-new iPhone.
Install the Google Authenticator from AppStore to your new iPhone.
- Go to your Google account security settings.
Open a browser at your computer and go to the Google 2FA settings webpage.
- Get started.
Log into your Google account if you didn’t do so yet and click “Get started”. Then, you’ll be asked to confirm your identity with your password.
- Click on the “Change phone” button.
Scroll the page and you’ll find the button “Change phone”.
- Choose iPhone.
Choose the iPhone (or Android, the algorithm on how to switch Google Authenticator to new phone is the same for both) and click Next.
- Open your Google Authenticator app on the new iPhone to enroll the token.
Popup will ask you to install the Google Authenticator on new iPhone but we already did it as the first step, so just open the application on your new iPhone and tap “Begin”.
- Choose “Scan a barcode” in your Google Authenticator.
You’ll have two options “Scan a barcode” or “Enter a provided key”, choose the first one.
- Scan the QR code with the secret key.
This will launch the camera and you can scan the QR code with the shared secret key.
- Enter the OTP from your Google Auth and click “Verify”.
The token for Google account will be created and you’ll see the one-time code. Now enter this OTP into a computer and click “Verify”.
That’s it, congratulations! But don’t delete an application from the old smartphone before reading the next paragraph.
How to move Google Authenticator tokens to new iPhone in other services
As we said before, if you just delete Google Authenticator from the old smartphone, it might be difficult to log in to all your services and wallets, you can lose access to important accounts forever. And note that it’s impossible to restore Google Authenticator on an iPhone once you’ve deleted it. Therefore, to move Google Authenticator to new iPhone you need to move all the tokens to the new app while you still have the old smartphone.
To do this, turn off two-factor authentication on every website you protect with Google Authenticator for a while and turn it on again enrolling new tokens on the new iPhone. It is the only way to switch Google Authenticator to new phone wisely.
To make it happen, you need to find the page for 2FA settings in the corresponding app or service and click the button named “Delete the token”, “Turn off two-step verification”, “Disable two-step verification” or something similar.
After that, you need to enable 2FA in all these services again creating new tokens in the Google Authenticator on your new iPhone as you did many times before. You can delete the Google Authenticator app from the old phone only if you are sure that you moved all the tokens to the new iPhone.
You can see every account switched to a new phone in the Google Authenticator application. This will help you understand which accounts are switched and which you still should add.
| Read also: 2FA Security Flaws You Should Know About
How to protect yourself in case the iPhone crashes, gets lost, or is stolen
Unfortunately, sometimes we change phones not on our own volition. The iPhone can get lost, be stolen, or just crash. In this case, you don’t have the old phone to make all the transfer steps correctly, which makes Google Authenticator move to new iPhone literally impossible. Luckily, you can protect yourself from such situations and create a backup for your iPhone Google Authenticator using the following tips:
- Store backup codes if the website provides them. Unfortunately, not all websites have this option.
- Store the secret keys used for creating the tokens. But you should know that it’s quite risky, so these must be stored in a very safe place, like a USB drive in an actual bank safe.
- Use hardware reprogrammable tokens Protectimus Slim NFC instead of GA or for Google Authenticator iOS backup. Note: they can be programmed only with Android phones with NFC support. However, you need an Android phone only once – to add the secret key into the token, and then it works autonomously without ever needing to connect to the Android smartphone.
| Read also: TOTP Tokens Protectimus Slim NFC: FAQ
Conclusions: now you know how to move Google Authenticator to new iPhone and it’s quite simple
As you can see, moving Google Authenticator to your new iPhone is a pretty straightforward process. You just have to keep in mind not to get rid of an old smartphone when you transfer Google Auth to new iPhone. However, if such an update was forced and not voluntary, it’s better to have a backup plan, like secret codes stored in a bank safe, a programmable hardware token, or an alternative Google Authenticator backup iPhone app. Protectimus is always happy to help you ensure the security and protection of all your accounts! If you have any questions — feel free to contact us and ask!
- Remote Work: How to Transition Team to Working From Home During the COVID-19 Pandemic
- Twitter Two-Factor Authentication in Details
- How to Secure Bitcoin Wallet
- 9 Must-Follow Gmail Security Rules
- PayPal Two-Factor Authentication with Hardware Security Key
- Two-factor authentication for Windows 7, 8, 10
- Top 7 Tips How to Protect Yourself from Phishing Scams
- Doxing. What Is It? How to Dox? How to Protect Yourself from Doxing?
- Why US, Canadian, and EU Universities Choose Programmable Hardware OTP Tokens