Most online accounts give you the option of setting up 2FA for an extra layer of security when logging in. Using your phone number as your 2FA verification is excellent – you receive a text or phone call to verify it’s you, and boom! You’re in. Except now you’ve lost your phone and can’t access any of your accounts. Don’t panic just yet; you still have some options, which we discuss below, along with some handy preventative measures. Show
Backup codes: the easy way to recover your accountWhen you set up 2FA on most sites, including Google, they provide you with a set of unique recovery codes, which are made up of random numbers and sometimes letters. Each backup code can be used once to log in to your account.
Please don’t save your recovery codes in the cloud – such as in your emails or notes. Your email account and devices can be hacked, lost, or stolen, and if you get locked out of your email account, you’ll lose access to your codes. Instead, use a USB stick, external disk drive, or encrypted password manager to store them securely. If you want to get more creative, you could store them on an old phone, Kindle or iPad that is factory-reset and set to offline mode for maximum security. Level up your online safetyWith advanced features. Transfer your old phone number to a new phoneIf you didn’t save your backup codes, and you’ve lost the phone that you use for 2-factor authentication – try calling your phone network to transfer your old number over to a new phone. You’ll need a new SIM card for that, and it could take a day or two for it to activate. But once you have your old number working again, you can receive 2FA verification codes as usual.
If you’ve lost your phone, you should be able to remotely erase it if you’ve previously activated the feature in settings. Use Apple’s Find My Phone or Google’s Find My Device to view its location and delete its contents. The last thing you need is someone accessing your 2FA from your old phone and breaching all of your accounts. Have your verification code sent to your backup phoneWhen you set up 2-step verification, you may have been given the option to choose a backup phone in case you lose access to your main number. If you’ve done this on Google, for example, select “Try another way to sign in” and have your verification code sent to your backup phone.
You can add their number as a trusted backup source in case you lose access to your phone. Since a phone number is only part of the verification process for most accounts, it’s a good idea to use this method for your Apple ID, for example. Apple’s alternative recovery process is intentionally time-consuming to deter criminals. That’s why having a trusted friend receive your codes can be a massive relief during emergencies. Set up 2FA on two different devicesHaving a secondary device with your 2FA is a great backup if you ever lose your primary phone. A whole barrage of authentication apps exists to help you with 2FA, like Authy and Google Authenticator. The latter lets you scan a unique QR code to verify it’s you. Take a picture of the QR code on a secondary device or, better yet, print it and store it in a secret location to use in dire situations. Contact customer serviceLosing access to your 2FA isn’t the end of the world, which is why customer service departments are there to help. While proving your identity and going through recovery processes are difficult and time-consuming, your service may offer some quicker verification methods. Take your bank, for example. They may ask you to confirm your card details, unique security numbers, or address to help you get back into your account. Either way, forgetting passwords and losing devices is common, so it’s always worth a call before you give up. Use NordPass with biometric authentication2-step authentication is a good security measure, but it’s not without its inconveniences. So it might be time to rethink your account security and opt for biometrics. Biometric authentication uses face, voice, or fingerprint recognition to help you access your accounts. The NordPass app can be set up with your Face ID or fingerprint to quickly access your encrypted vault of passwords. No longer are you bound to stashing physical copies of passwords – your details in NordPass are accessible from your phone or tablet, even when you’re offline. Even though you use 2FA, you still need a secure way of storing your passwords and codes, which is what NordPass is expertly designed to help you with. My phone got stuck in bootloop a ways back so I am intimately familiar with this situation. The easiest way is: SAVE YOUR BACKUP CODES! When you created your 2FA sign on with most sites, including Google, they provided you with Store these like you do a private key. Do not save them to your computer or dropbox. Do not send them. Do not post them on reddit. Write them down or print them out and store in 2 physically different locations. The other option, which is actually way easier especially since my phone dies from constantly getting notifications, is to set up your 2FA on two devices whenever you enable 2FA or create a new account. Perhaps you can make use of that old, rooted, Amazon Kindle or iPhone 5. Factory reset & ensure it's not able to connect to the WiFi & turn on airplane mode. You can also print out the QR code itself that you use to add to Google Authenticator originally so that if you ever need to re-set up 2FA, you can do so. If you don't have a printer, you can typically click the "show code" or "can't read the qr code?" or something and get a text version that you can then write down. Protip: make sure you label what this QR code or text code is (e.g. "2FA for Poloniex"). How to be Secure while being able to recover your 2FA
That said: most 2FA is surprisingly insecure bc usability. It isn't inherently insecure, but it was surprisingly easy to regain access to all my accounts even though I had minimal backup codes stored in a multitude of locations over a few years.
For non-Google accounts, it's pretty easy to restore access in one way or another, either via the above methods or going through the process of bypassing 2FA with your email account. A pain, but not impossible. You can also break out that old computer and see if you are still logged in anywhere and can disable it. Or see if there are other access methods, like SSHing in or oauth where you can set up a new account via a Facebook or Twitter account that uses the same email address as the account you already have and see if you can sneak in that way. There are a few that you will not be able to get into. In those cases, you will need to reach out to the service itself and see what you would need to provide in order to get them to turn of 2FA for you or otherwise bypass. I would actually strongly encourage everyone to have a beer, turn off your phone, and see what accounts you can get into without your 2FA codes. If you can get it, you need to adjust your settings to be more secure AFTER you actually have viable, secure, offline backups of the recovery codes. What happens if you lose access to Google Authenticator?If you lose access to the Google Authenticator codes, please contact our support immediately by sending a selfie photo, which will verify your identity as the account owner.
Can you recover Google Authenticator on new phone?If you've deleted the Google Authenticator app on your old phone without first moving the accounts to the new phone, you have two options. Retrieve via backup codes you were given when you created your google authenticator account or you'll have to add each of your accounts manually to your new phone.
How do I get Google Authenticator on my new phone without my old phone?Transferring Google Authenticator Codes to a New Phone if your Phone is Lost. On your browser, go to your Google account.. Navigate to Security.. Go to 2-Step Verification.. Enter your Google password.. Scroll down to Backup Codes.. Select Show Codes.. |