Author

Topic: 2FA-Recovering your KYC Google Auth Keys. (Read 546 times)

legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
September 02, 2020, 10:46:37 AM
#44
~snip~

Glad that it helps as it should be, thank you for your words. Cool


Yes, you got it right. I've already used this copy of Google's two-factor authentication several times when I transferred it to a new smartphone. There was also a case when I had to reset the data to factory settings and, accordingly, without a copy of my keys, I would not be able to restore access without the help of the support service.

Great info, I didn't know that. When I get my new phone (still with a back up one), I will try it as well. Smiley
legendary
Activity: 2268
Merit: 1655
To the Moon
September 02, 2020, 09:50:34 AM
#43
I use my wife's smartphone as a backup) In my opinion, there is nothing easier than this.  Previously, I used my old smartphone for this purpose. I hope I don't have to use this method to restore my account, but a copy of my 2fa Google Auth must be saved.

It sounds good to have a second phone as a way to easily transfer your accounts in any moment but it's not a backup. If I understand correctly, you have two different devices with the same account keys running in both of them?

Yes, you got it right. I've already used this copy of Google's two-factor authentication several times when I transferred it to a new smartphone. There was also a case when I had to reset the data to factory settings and, accordingly, without a copy of my keys, I would not be able to restore access without the help of the support service.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
September 02, 2020, 05:10:13 AM
#42
Recently I upgrade my phone and I was searching for this guide on the internet, most of them which I found are either outdated or not easy to understand.

Thankfully saw this thread and thanks to your guide I can now easily transfer my authenticator's data from my old phone to the new one.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
September 02, 2020, 03:46:18 AM
#41
I use my wife's smartphone as a backup) In my opinion, there is nothing easier than this.  Previously, I used my old smartphone for this purpose. I hope I don't have to use this method to restore my account, but a copy of my 2fa Google Auth must be saved.

It sounds good to have a second phone as a way to easily transfer your accounts in any moment but it's not a backup. If I understand correctly, you have two different devices with the same account keys running in both of them?
legendary
Activity: 2268
Merit: 1655
To the Moon
August 31, 2020, 02:40:14 PM
#40
...
When I was a newbie, I simply scanned QR code and 2FA activation was done like that. I don't back up or if I backup I don't test backup's validity.

I use my wife's smartphone as a backup) In my opinion, there is nothing easier than this.  Previously, I used my old smartphone for this purpose. I hope I don't have to use this method to restore my account, but a copy of my 2fa Google Auth must be saved.
legendary
Activity: 2464
Merit: 2094
August 31, 2020, 01:16:34 PM
#39
Good guidd and also a bit of warning to be careful to your phone. It is much safer if you have to hand written the back up codes even if google auth does have a transfer feature where you can transfer the data to the new phone. Before that, google auth doesn't have that back up feature yet so hand written is the first choice to do and even if it is implemented having second back up is also good if ever you can recover tbe codes on first choice.
You don't have to do the traditional way of handwriting notes to manually save code on a piece of paper, just backup it and you just need to re-import it on a new device. Don't worry if your phone is damaged or lost because you still have a backup of the related email.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 31, 2020, 06:47:27 AM
#38
even a simple Gmail account is enough to clone accounts or get the backup. I am happy that I can finally stop worrying about it.

It's indeed very helpful but let's not forget. If you don't set Google Auth, as your Google account Two- Step verification method you can't get a thing. So having a handwritten backup of your keys is a MUST.

It is useful and I am happy that I have read it.

Thank you very much, really appreciate it. Cool


I edit the OP with the only pics that I have for Method 1 (courtesy of Cadaver20). Sorry that isn't screenshots but it's better than nothing. Smiley

hero member
Activity: 2856
Merit: 674
August 28, 2020, 05:43:42 PM
#37
When I started using 2FA, I chose Google Authenticator because it looked simple and looked safer. But over time I wanted to switch to another app like Aunty which has more features than Google.

Google Auth also can't do the previous backup, and that's what made me switch, because I'm worried that if my phone suddenly crashes I don't have a 2FA code backup.

I have been using Authy app ever since and I have never face a single problem, have changed my phone several times already but I never have to worried of not being able to access my accounts in different sites as I have an APP also installed in my computer. So any time I could access my account using this 2FA app even without my phone as all devices I used are link to each other.

Just FYI to those who have not use Authy, the app is simple and safe also.
legendary
Activity: 2338
Merit: 1084
zknodes.org
August 28, 2020, 05:34:37 PM
#36
When I started using 2FA, I chose Google Authenticator because it looked simple and looked safer. But over time I wanted to switch to another app like Aunty which has more features than Google.

Google Auth also can't do the previous backup, and that's what made me switch, because I'm worried that if my phone suddenly crashes I don't have a 2FA code backup.
full member
Activity: 686
Merit: 125
August 28, 2020, 04:31:49 PM
#35
I am always having a hard time in 2FA and it may be safe to our part especially securing account but it may als be the reason that I can't access my account especially if the device I am using will be lost. I know that it is for security but I prefer to use the text messaging in my accounts where log in requires to get the code from text message. This is I guess an easy way for me to access my account and getting secure. Same as google authenticator but the problem is one may having difficulties in reseting the password if forgotten.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 28, 2020, 03:37:33 PM
#34
I hope this thread will be useful and easy to understand from anyone around. Thank's and BTCe-safe.

It is useful and I am happy that I have read it.

As many members here, I am also using Google Authenticator for my 2FA security settings and wondered already many times, especially when logging in using 2FA, how complicated it could be to get that account on a new phone or to login to exchanges when problems with phone start to occur sooner or later? Of course, I have my codes written on paper and saved but still, I was afraid it will be a lot of problems to get it working.

Now I am delighted one can say  Cheesy. Not joking here because we have to depend on those things and if something goes wrong many times a lot of money could be lost or get stuck in a volatile market.
I am happy that it is easy as it should be and even a simple Gmail account is enough to clone accounts or get the backup. I am happy that I can finally stop worrying about it.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 28, 2020, 06:02:21 AM
#33
Apparently, Apps can enable the FLAG_SECURE setting to avoid screen captures on the App, or certain screens on the App, reducing the risk of a (another) malicious App being able to issue screen captures from Google Authenticator, whilst running in the background.

See: https://wwws.nightwatchcybersecurity.com/2020/03/03/google-authenticator-for-android-allows-screen-capture/

People reported it as a bug (so as to say, it seems to have been there since 2014), and it appears to be fixed on Android, stating that it cannot capture the screen when you try. Nevertheless, I’ve also tried it on an Iphone and managed to capture a screenshot. I’ve checked on the App store, and the current version on IOS, version 3.0.1 for the App, seems to be from September 2018, which oddly lacks updates since then.

So it seems that the only way is to follow the old school method to post pics, thus our eyes will go crazy! 🤪
It's indeed quite odd that updates lack for this app... Btw, thank's for sharing this info!
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
August 28, 2020, 05:47:03 AM
#32
Apparently, Apps can enable the FLAG_SECURE setting to avoid screen captures on the App, or certain screens on the App, reducing the risk of a (another) malicious App being able to issue screen captures from Google Authenticator, whilst running in the background.

See: https://wwws.nightwatchcybersecurity.com/2020/03/03/google-authenticator-for-android-allows-screen-capture/

People reported it as a bug (so as to say, it seems to have been there since 2014), and it appears to be fixed on Android, stating that it cannot capture the screen when you try. Nevertheless, I’ve also tried it on an Iphone and managed to capture a screenshot. I’ve checked on the App store, and the current version on IOS, version 3.0.1 for the App, seems to be from September 2018, which oddly lacks updates since then.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 28, 2020, 05:17:04 AM
#31
There is substitute way for this method, You can turn off the 2FA security on the exchange since you can still access the Authenticator app in the old phone then request for a new 2FA key once you have new device that has Authenticator installed. It's advisable if the condition of the old phone was unstable because the old device might get broke anytime considering that you borrow your friends phone to access your exchange and you don't have new device.

You are correct, you can do that as long as you trust your friend (lol)

The method 2 is a great idea. I don't have any idea that I can access my authenticator data on my email that I used on my account.  Smiley

Tbh I didn't know that either but my friend use a lot this way for recovering or store data from several (if not all) app's. So we try for Google Auth and it works. Smiley


You could totally import it from different phones when you have a new phone but if you lost your phone is a different story, I've searched on youtube last time what method I can do but you need to do it before you lost your phone, for example, Facebook, which have a backup could that you could use when you lost your google authenticator, etc.

As far as I know, if you lose your phone and you don't have your recovery 16-digit keys, then you can't do anything to recover them. Sad

There are so many authenticators already that is getting recommended by a lot of users but I only know google but google still a good choice.

I check all the references from our fellow members and it seems that Aegis is for now the best, safest, and stronger (in the matter of choices/ options) Authenticator app. Ofc Goggle will always be Google, whatever that means to anyone...

Is it a new update from Google? Are every code save in your Gmail can be recovered or saved?

Idk if it's a new update but you can recover every single code/ account if you have enabled as 2 Step Verification the Google Auth in your Google account.


It seems that my phone can't take screenshots from Google Auth for some reason. I get a message saying that the app doesn't permit screenshots... Undecided That's new for sure!
If can someone verify this or can take some screenshots for Method 1 (without any information such e-mails on them), it will be appreciated. Smiley
sr. member
Activity: 1820
Merit: 436
August 28, 2020, 03:02:56 AM
#30
~

It also happened to me by I didn't recover my code at all  Sad For some exchanger that I use google authenticator some of it when you log in you need to use the code after logging in but it doesn't have an option when you lost your code, etc. and the support is crap.

You could totally import it from different phones when you have a new phone but if you lost your phone is a different story, I've searched on youtube last time what method I can do but you need to do it before you lost your phone, for example, Facebook, which have a backup could that you could use when you lost your google authenticator, etc. There are so many authenticators already that is getting recommended by a lot of users but I only know google but google still a good choice.

Is it a new update from Google? Are every code save in your Gmail can be recovered or saved?

hero member
Activity: 2492
Merit: 542
August 28, 2020, 02:32:13 AM
#29
Nice info heres my experienced I ended shifting into authy app after I changed my phone last year and retrieving so many 2fa codes in almost 30+ websites and its ridiculous google auth has no backup feature that time and everytime I changed my phone I always ended like this, thanks for the update op.   
hero member
Activity: 2744
Merit: 702
Dimon69
August 28, 2020, 12:19:31 AM
#28

Method 1: You download the Google Auth to your new phone, you open it and you go to app's "Menu" (the three vertical dots on the top right corner of your phone's screen).
You select "Account Transfer" and a message appears asking you if you want to "Export" your accounts (by creating a QR code which you will scan with your new phone) or to "Import" them (by scanning the QR from your previous phone). Doesn't matter if the camera of your old/ damaged phone doesn't work. You choose "Export accounts", scan the QR with your new phone and you are done.

IMPORTANT NOTE If your phone is lost or it can't be open after damage, this method is not possible. You need to have your old device working (at least the phone's screen).


There is substitute way for this method, You can turn off the 2FA security on the exchange since you can still access the Authenticator app in the old phone then request for a new 2FA key once you have new device that has Authenticator installed. It's advisable if the condition of the old phone was unstable because the old device might get broke anytime considering that you borrow your friends phone to access your exchange and you don't have new device.

The method 2 is a great idea. I don't have any idea that I can access my authenticator data on my email that I used on my account.  Smiley
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
August 28, 2020, 12:11:06 AM
#27
Good guidd and also a bit of warning to be careful to your phone. It is much safer if you have to hand written the back up codes even if google auth does have a transfer feature where you can transfer the data to the new phone. Before that, google auth doesn't have that back up feature yet so hand written is the first choice to do and even if it is implemented having second back up is also good if ever you can recover tbe codes on first choice.
hero member
Activity: 2520
Merit: 952
August 26, 2020, 08:09:10 AM
#26
Good to see Google authenticator finally got an update, it had been ages. I have moved to Aegis though.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 26, 2020, 06:55:06 AM
#25
<…> I believe that Cadaver is aware of it. <…>
Aware and complacent with those/his 2FA code showing (+ 2 email addresses tied to them)?
If they are his, I don’t get why it’s taking so long to take them down (i.e. erase the original image). If on the other hand they are dummy codes, generated to exemplify, then perhaps a note would help to avoid assuming they are his codes being self-leaked and propagated.

Well, until he verifies what is it, I will remove them.

I know but then the thread will be bigger and (I guess) harder to read it...
Not really. If the images are not massive in size, and they are meaningful to describe the procedure, I doubt anyone will complain (besides the quality thingy).

My pic/ photo editing skills are limited but I will try and do my best. I can promise anything though... Lips sealed
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
August 26, 2020, 06:40:00 AM
#24
<…> I believe that Cadaver is aware of it. <…>
Aware and complacent with those/his 2FA code showing (+ 2 email addresses tied to them)?
If they are his, I don’t get why it’s taking so long to take them down (i.e. erase the original image). If on the other hand they are dummy codes, generated to exemplify, then perhaps a note would help to avoid assuming they are his codes being self-leaked and propagated.
 
Quote
I know but then the thread will be bigger and (I guess) harder to read it...
Not really. If the images are not massive in size, and they are meaningful to describe the procedure, I doubt anyone will complain (besides the quality thingy).
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 26, 2020, 06:31:53 AM
#23
Starting with what kind of mobile you own, would help.
Or searching for "screenshot + [your mobile]" on the internet will yield results, taking less than a minute.

Ok man, I will. Cool For the moment I use a semi-broken screen Xiaomi M1, until my new phone arrives.
legendary
Activity: 1624
Merit: 2481
August 26, 2020, 06:29:51 AM
#22
I don't have keys for all records

Shouldn't the "export account" function, when exporting only a single 2fa, show the secret of the chosen 2fa ?
Not having a backup is just as bad as not having a backup of passwords etc. If a 2FA is mandatory, you won't gain any access without it resulting in trouble.

It is recommended to always have a backup of 2FA seeds, just as you would with a mnemonic code.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 26, 2020, 06:25:22 AM
#21
Any way to make the transfer of all readings from Google Auth to Aegis through QR codes? I have tried but Aegis failed to read QR generated by Google Auth so I have been  forced to transfer data manually, one-by-one, but the problem is 1) I don't have keys for all records 2) it's a time consuming procedure.

I'm almost certain that you can't put a code generated from Google Auth to any other Auth app and I guess the opposite is not possible either.
As for problem #1 you can disable 2FA from the site that you don't have the keys using Google app and then reenable it (thus new QR code) and scan it with Aegis app.
Problem #2 is something unsolved, for now... Grin
legendary
Activity: 1624
Merit: 2481
August 26, 2020, 06:23:03 AM
#20
Until I find a way though how to take screenshots with my new phone, these pics will be there.

Starting with what kind of mobile you own, would help.
Or searching for "screenshot + [your mobile]" on the internet will yield results, taking less than a minute.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 26, 2020, 06:13:58 AM
#19
You should both delete or change the last image link immediately (and the image itself from the hosting platform), if it the barcode is genuinely yours, and not a test run. I tried importing it with Google Authentifier, and It give access to sensitive information (which I will now delete-> deleted). Bear in mind that, if it is your information that is showing (@Cadaver20), it's already compromised.

I believe that Cadaver is aware of it. Undecided

By the way, you can make the images visible in the OP, instead of leaving just the link.

I know but then the thread will be bigger and (I guess) harder to read it...


And when you are at it, delete all the images and do it again. This time using screenshots.
Photos taken of a screen with a camera are.. let's say outdated.

Please use screenshots. It hurts my eyes to look at camera photos of screens.

Haha, you are totally right! Cheesy Until I find a way though how to take screenshots with my new phone, these pics will be there. Not to mention that I'm not the fastest/ better screenshooter here... Grin
Unless a good samaritan appears, do the procedure and offer his screenshots. I will be more than happy to add them to OP.
legendary
Activity: 1624
Merit: 2481
August 26, 2020, 05:43:19 AM
#18
By the way, you can make the images visible in the OP, instead of leaving just the link.

And when you are at it, delete all the images and do it again. This time using screenshots.
Photos taken of a screen with a camera are.. let's say outdated.

Please use screenshots. It hurts my eyes to look at camera photos of screens.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
August 26, 2020, 04:57:39 AM
#17
<...>
<...>
You should both delete or change the last image link immediately (and the image itself from the hosting platform), if it the barcode is genuinely yours, and not a test run. I tried importing it with Google Authentifier, and It give access to sensitive information (which I will now delete-> deleted). Bear in mind that, if it is your information that is showing (@Cadaver20), it's already compromised.


By the way, you can make the images visible in the OP, instead of leaving just the link.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 26, 2020, 04:02:22 AM
#16
I will edit my OP and add them there if you don't mind...

Ok. You can do it.

Just edit the OP with the pics, thank you again. Cool


If we don't want our funds to be lost, we should be storing them in a offline cold storage/hardware wallet.

Indeed the only way to have peace of mind.


Smart phones or mobile devices are created for convenience, entertainments, and so on. For serious stuffs, do it on your desktops or laptops.

Well, can someone say that it is very convenient to trade on the beach, drinking pina colada and smoking weed but I totally agree that if you want to do serious jobs, you need desctops/ laptops. That's why I dought that a serious business like exchangers will use a mobile. Unfortunately, scams and "hacks" will always be around...
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
August 26, 2020, 01:18:36 AM
#15
There are people who store huge sums of bitcoin in Binance and other large exchanges for trading actively but the problem is that managing crypto exchanges through a smartphones is highly risky and this is what I have pointed out in my above post. I have also seen people in this forum who still don't own a computer and manage everything through their mobile alone.  Cheesy
Binance or any other exchanges, the matter is exchanges come and go, grown big and degrade small or disappear (shut down, scam exit, takeover, etc.). Another minus point is use one or two exchanges to store all capital is terrible approach. Exchanges can be hacked and who knows will they do compensations for customers. Exchange owners can do scam exits. Governments can shutdown exchanges. Many things you can not control for your capital that is stored on exchanges. It has not yet taken into consideration that most of exchanges are centralized.

Quote
Though smartphones has become really handy nowadays and many of the global population still aren't owning a computer, managing our personal data through smartphones is literally a very bad idea.
Smart phones or mobile devices are created for convenience, entertainments, and so on. For serious stuffs, do it on your desktops or laptops.
legendary
Activity: 1584
Merit: 1280
Heisenberg Design Services
August 26, 2020, 01:13:29 AM
#14
Personally, I never have large amounts of BTC nowhere except my wallet. And as far as I know, doesn't need 2FA Auth...
It will be difficult to believe that companies who manage large sums will use mobile to do it.
There are people who store huge sums of bitcoin in Binance and other large exchanges for trading actively but the problem is that managing crypto exchanges through a smartphones is highly risky and this is what I have pointed out in my above post. I have also seen people in this forum who still don't own a computer and manage everything through their mobile alone.  Cheesy

Though smartphones has become really handy nowadays and many of the global population still aren't owning a computer, managing our personal data through smartphones is literally a very bad idea. Not sure how people are managing them without losing it? Many of us would be aware of the recent Cashaa hack where 336 btc was stolen when they were controlling such kind of huge funds through a web wallet.  Roll Eyes If we don't want our funds to be lost, we should be storing them in a offline cold storage/hardware wallet.
sr. member
Activity: 1582
Merit: 264
Next Generation Web3 Casino
August 25, 2020, 11:58:37 AM
#13
I will edit my OP and add them there if you don't mind...

Ok. You can do it.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 25, 2020, 11:23:18 AM
#12
Though Google 2FA is open source I would go either with Authy or LastPass.

I try Authy but it was a bit difficult to follow up with it. You know, some app's "works" for me but not for others and the opposite. Authy didn't work for me. Undecided

Managing some literally large bitcoin funds through mobile is quite risky and I wouldn't really trust either an exchange or an authenticator app with that.

Personally, I never have large amounts of BTC nowhere except my wallet. And as far as I know, doesn't need 2FA Auth...
It will be difficult to believe that companies who manage large sums will use mobile to do it.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 25, 2020, 11:09:48 AM
#11

I want to clear you about method 1.
Step 1:
Download Google authenticator app, open the app in your new device.

Step 2: Open the app in your old device and go to the "Menu"(at the top right of the app).


Step 3:
Select "Transfer accounts".
https://ibb.co/BNsDmhK

Step 4:
Select "export accounts" in your old device.
https://ibb.co/VpbJvGN

Step 5:
Then scan the QR with your new device.
https://ibb.co/t80zjN8

Yeap, that's it. Great man, thank's for the help!  Wink
I will edit my OP and add them there if you don't mind...
legendary
Activity: 1584
Merit: 1280
Heisenberg Design Services
August 25, 2020, 11:00:34 AM
#10
Though Google 2FA is open source I would go either with Authy or LastPass. The latter one has a pretty good one tap push login options and the they have got some not bad reviews in playstore as well. While having 2FA is secure but they can be as bad as losing our funds if they aren't properly backed up as tranthidung said.

Managing some literally large bitcoin funds through mobile is quite risky and I wouldn't really trust either an exchange or an authenticator app with that.
sr. member
Activity: 1582
Merit: 264
Next Generation Web3 Casino
August 25, 2020, 10:39:55 AM
#9
Good, that you found out something incredible from your mistake but wouldn't it better and simpler if you add images to your procedures in method 1 and 2.
Thanks.

I want to clear you about method 1.
Step 1:
Download Google authenticator app, open the app in your new device.

Step 2: Open the app in your old device and go to the "Menu"(at the top right of the app).


Step 3:
Select "Transfer accounts".
https://ibb.co/BNsDmhK

Step 4:
Select "export accounts" in your old device.
https://ibb.co/VpbJvGN

Step 5:
Then scan the QR with your new device.
https://ibb.co/t80zjN8
hero member
Activity: 2268
Merit: 588
You own the pen
August 25, 2020, 10:33:52 AM
#8
Great guide, but I prefer using Aegis authentification app in which it is possible to encrypt your vault and make an encrypted back up on completely offline storage. Even if I lose my smartphone, I can easily transfer the data to a new one and, more importantly, no one can access my vault on lost device because it is protected with password.

No KYC, no google, no problems.

Hey! I never thought there are some other Authentication apps you can use other than Google authenticator.  
I've been thinking sometimes what if I lose or damage my phone and all of my important data are supported by Google authenticator. From FB to exchange wallet. How do I supposed to recover it? Now that I found this one, I'll gotta try it. Thanks for sharing it with us.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 25, 2020, 08:48:06 AM
#7
~snip~

~snip~

I agree with both of you in almost everything. Sure the best/ safest way is to be prepared to save the recovery keys from the time that you enable 2FA in any site and with any app.
In the case though that you don't because you forgot it or miss it, there is a way (two actually) not to "panic". Grin
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
August 25, 2020, 08:02:24 AM
#6
I don't put my account and my destiny on export process. I'd like to back up my codes (before 2FA activation and test it immediately by typing codes manually to activate my 2FA). If my 2FA code's back up is correct, no typo, the 2FA activation will be done smoothly.

In case if 2FA activation is failed because of incorrect code. There are two reasons:
  • I enter 6 digit codes incorrectly
  • I write down 2FA secret code incorrectly so I have to go backwards and repeat those steps again.
By doing this, I simultaneously backup 2FA secret code and test the backup's validity immediately with 2FA activation.


When I was a newbie, I simply scanned QR code and 2FA activation was done like that. I don't back up or if I backup I don't test backup's validity.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
August 25, 2020, 07:43:03 AM
#5
Google Auth is quite a pain in the ass to retrieve if something happens to your phone but it's a decent way to ensure security.

It's always a good idea to make a backup. When you set up your 2FA, the website/program will usually ask you to copy down a string of alphanumeric letters as a backup. You can easily import that if you need.

If you don't mind sacrificing a little security, try Authy. I'm not sure how their security fare against other services but you can recover your 2FA keys using your phone number. This is kind of risky though; SIM Jacking is quite common and you'll have to take care to use a more secure email to prevent them from resetting your Authy account. But even with that, the backups are secured with a password still.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 25, 2020, 06:48:19 AM
#4
Good, that you found out something incredible from your mistake but wouldn't it better and simpler if you add images to your procedures in method 1 and 2.
Thanks.

You are right, images will be more helpful. I will add some in the near future, thank you for your suggestion. Wink


Great guide, but I prefer using Aegis authentification app in which it is possible to encrypt your vault and make an encrypted back up on completely offline storage. Even if I lose my smartphone, I can easily transfer the data to a new one and, more importantly, no one can access my vault on lost device because it is protected with password.

No KYC, no google, no problems.

TBH, I didn't know about this app and as I see it (in a flash though) it looks like a good Authenticator app. Thank you for your suggestion!
Btw, I also don't like either Google or KYC so most likely I will make a change... Grin
legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
August 25, 2020, 06:35:23 AM
#3
Great guide, but I prefer using Aegis authentification app in which it is possible to encrypt your vault and make an encrypted back up on completely offline storage. Even if I lose my smartphone, I can easily transfer the data to a new one and, more importantly, no one can access my vault on lost device because it is protected with password.

No KYC, no google, no problems.
full member
Activity: 546
Merit: 148
August 25, 2020, 06:28:40 AM
#2
Good, that you found out something incredible from your mistake but wouldn't it better and simpler if you add images to your procedures in method 1 and 2.
Thanks.
legendary
Activity: 3038
Merit: 1104
This is what I do. I drink and I know things.
August 25, 2020, 06:16:37 AM
#1
I will share my personal experience that led to these easy and fast solutions for getting back your 2FA Google Auth keys/ codes, without the fuss of redoing any verification/ KYC procedure.

Last week my phone get damaged because of my stupidity to have it on me when I take a...swim! Yes, you understand correctly. I dive into the sea with my phone!!! Lips sealed
As you (probably) all know already, to fix it was out of the question due the seawater is salted(!) and the phone is oxidized in a matter of minutes. The only hope though was to make a chemical cleaning, change some capacitors, and... prey to open so I can save any data. I get lucky and my phone opened!
Along with a friend of mine (that has a repair store for mobile phones, tablets, etc) we manage to save everything, including my 2FA keys on Google Auth app. TBH I have them all handwritten, so we basically experiment to see if we can get them in the case that I didn't have them stored. Below are the two methods that can work for sure. If by any chance I found a new one or some other fellow member find one, I guess it will be nice to post it here so we can have them all in one thread. Cool

Method 1: You download the Google Auth to your new phone, you open it and you go to app's "Menu" (the three vertical dots on the top right corner of your phone's screen).
You select "Account Transfer" and a message appears asking you if you want to "Export" your accounts (by creating a QR code which you will scan with your new phone) or to "Import" them (by scanning the QR from your previous phone). Doesn't matter if the camera of your old/ damaged phone doesn't work. You choose "Export accounts", scan the QR with your new phone and you are done.

IMPORTANT NOTE If your phone is lost or it can't be open after damage, this method is not possible. You need to have your old device working (at least the phone's screen).

Method 2: If you have a Google account (Gmail counts as one) you can log in and go to "Security settings".
You choose the "Authenticator App" tab and you to "Export" your accounts. A QR code will appear, you scan it with your new phone and done.

IMPORTANT NOTE You must have enabled earlier the "Two Step Verification" with Google Authenticator app and not with any other option (SMS, call, alternative mail address). If you don't have Google Authenticator app as your two-step security measure, then you can't proceed with this method.

I hope this thread will be useful and easy to understand from anyone around. Thank's and BTCe-safe.

Edit: Since I didn't find any way to bypass the Flag Secure setting and take screenshots, I post Cadaver20 pics for Method 1. At least until I have better...

Method 1 pics.

Step 1:
Download Google authenticator app, open the app in your new device.

Step 2: Open the app in your old device and go to the "Menu"(at the top right of the app).



Step 3: Select "Transfer accounts".



Step 4: Select "export accounts" in your old device.



Step 5: Then scan the QR with your new device.

Jump to: