Pages:
Author

Topic: How to backup Google Authenticator? (Read 47068 times)

full member
Activity: 224
Merit: 100
July 31, 2014, 05:40:11 AM
#33
Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

  • adb shell to my nexus with a terminal
  • enter "su"
  • allow root from phone
  • "cd /data/user/0/com.google.android.apps.authenticator2/databases"
  • "sqlite3 databases"
  • "select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.

This is a very useful information. Thanks for sharing.
hero member
Activity: 539
Merit: 500
Nkcom Collection Shop
June 21, 2014, 05:43:32 PM
#32
Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

this one is very helpful for me,, thanks you  Wink
newbie
Activity: 38
Merit: 0
April 23, 2014, 10:08:50 PM
#31
Thanks! I lost my iPhone someday ago, now I can continue my work. thanks Wink
sr. member
Activity: 448
Merit: 250
April 22, 2014, 02:08:50 PM
#30
Google authenticator isn't tied to your google account... it's an open API that anyone can use (which is why the PAM module even exists)
newbie
Activity: 7
Merit: 0
April 22, 2014, 01:17:30 AM
#29
Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

  • adb shell to my nexus with a terminal
  • enter "su"
  • allow root from phone
  • "cd /data/user/0/com.google.android.apps.authenticator2/databases"
  • "sqlite3 databases"
  • "select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.
legendary
Activity: 1148
Merit: 1018
January 23, 2014, 08:53:23 AM
#28
Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.

I wouldn't recommend Evernote or a similar cloud service - you would be trusting your very valuable backup to the servers of a third party (in this case Evernote), and thus you have to assume that at some point somebody could hack their servers and access the information you stored on them.

If storing the backup on the cloud is a "must", then I would definitely recommend to use strong encryption to protect the backup before uploading it. The attack vector that lead to one of the biggest thefts in BTC's history (allinvain's 25k BTC theft) was very probably an unencrypted wallet.dat stored on dropbox.
member
Activity: 81
Merit: 10
January 23, 2014, 02:44:01 AM
#27
Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.
newbie
Activity: 35
Merit: 0
January 12, 2014, 06:59:31 PM
#26
Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

As others have said backup the secrets or QR code and you can also use another phone or tablet to house your info in Google Authenticator or Authy < which you can set to backup your data. Authy also allows you to set a pin # for the program, GA doesn't but you can download a 3rd party app to do the same.
hero member
Activity: 630
Merit: 500
Bitgoblin
October 12, 2013, 07:15:34 AM
#25
Titanium Backup on Android
only if you're rooted
b!z
legendary
Activity: 1582
Merit: 1010
September 05, 2013, 06:25:52 AM
#24
Titanium Backup on Android, OpenBackup (or other) on iOS.
full member
Activity: 181
Merit: 100
September 05, 2013, 01:22:47 AM
#23
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?HuhHuhHuhHuhHuhHuhHuhHuhHuh

Anyone else?


only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?


google is your friend:


No they're not. Cheesy
legendary
Activity: 2413
Merit: 1003
September 04, 2013, 09:09:38 PM
#22
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?HuhHuhHuhHuhHuhHuhHuhHuhHuh

Anyone else?


only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?


google is your friend:

https://bitcointalksearch.org/topic/m.3077955
legendary
Activity: 1148
Merit: 1018
September 04, 2013, 06:25:40 PM
#21
Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.
full member
Activity: 181
Merit: 100
September 04, 2013, 06:24:56 PM
#20
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?HuhHuhHuhHuhHuhHuhHuhHuhHuh

Anyone else?


only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?
legendary
Activity: 2413
Merit: 1003
September 04, 2013, 06:22:34 PM
#19
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?HuhHuhHuhHuhHuhHuhHuhHuhHuh

Anyone else?


only afected I-Phone...there is a topic here (with recover manual) search it
full member
Activity: 181
Merit: 100
September 04, 2013, 05:58:22 PM
#18
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?HuhHuhHuhHuhHuhHuhHuhHuhHuh

Anyone else?
legendary
Activity: 2413
Merit: 1003
September 04, 2013, 11:51:33 AM
#17
You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list
Won't this defeat the purpose to have 2FA in the first place?

Yes unless what he means is a dedicated offline machine used for nothing but generating the authentication codes.


why is that? if you get hacked you are lost anyways (shouldn't run Windows at all).
2FA is to protect you against password hacks
full member
Activity: 196
Merit: 100
September 04, 2013, 10:39:40 AM
#16
Thank you for this valuable post. I have just reset all my authenticator settings and now have a nice stack of printouts to put away in a safe.
hero member
Activity: 900
Merit: 1000
Crypto Geek
September 04, 2013, 12:12:56 AM
#15
You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.
donator
Activity: 1218
Merit: 1079
Gerald Davis
August 21, 2013, 06:52:15 PM
#14
You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list
Won't this defeat the purpose to have 2FA in the first place?

Yes unless what he means is a dedicated offline machine used for nothing but generating the authentication codes.
Pages:
Jump to: