1

Sorry if this question is a duplicate. I searched for some hours but could not find any satisfying solution for the following problem.

I am using a two-factor-authentication-app (in my case Google Authenticator) for advanced security. This works well.

But I am afraid: what can I do if I lose my smartphone or my smartphone is broken? How can I restore access to the several websites/services/etc. that require a two-factor-authentication-app? Is there any "seed" I can back up (and "import" into the two-factor-authentication-app on my new phone) to restore login access to all sites/services where I am using two-factor authentication?

Let's think about the following case:

I am using two-factor authentication to log in to example.com. Now I no longer have access to my smartphone and cannot disable two-factor authentication for my example.com account because I cannot log in, and example.com does not provide alternative login options. I cannot see any possibility to log in to example.com.

The issue that someone else may get access to my two-factor-authentication-app is not part of my question, because if my smartphone is stolen the thief does not know my regular password.

2 Answers

2

You can use a TOTP-compliant app that will share your logins across multiple devices, such as Authy or 1Password and store them in the cloud. Of course, that's also a bit less secure, since it gives you another way that your logins can leak. I personally use Authy to share my two-factor logins across four different devices.

0

Now, after some years, I have found a way to go. For everyone else who has the same question, I am writing it here as a possible solution:

Whenever we enable 2FA anywhere, we copy the QR code value. In this QR code URI there is always a "secret" key. This is the important part for the backup, but we can simply back up the entire QR code URI in a secure place (for example, in a password manager). When the 2FA device is lost or broken, we simply re-enter the secret key from the QR code URI stored in the password manager. Obviously, it is also possible to use an (offline) QR code generator to recreate the QR code so that we can simply scan it as we did the first time.

Nevertheless, thanks to Mike Scott for the alternative solution.
