How to backup Google Authenticator? | Bitcointalksearch.org

vaisajne

full member

Activity: 224

Merit: 100

Quote from: lateman on April 22, 2014, 01:17:30 AM

Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

adb shell to my nexus with a terminal
enter "su"
allow root from phone
"cd /data/user/0/com.google.android.apps.authenticator2/databases"
"sqlite3 databases"
"select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.

This is a very useful information. Thanks for sharing.

wakhidNkcom

hero member

Activity: 539

Merit: 500

Nkcom Collection Shop

Quote from: wacked on January 12, 2014, 06:59:31 PM

Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

this one is very helpful for me,, thanks you Wink

Abel jonh

newbie

Activity: 38

Merit: 0

Thanks! I lost my iPhone someday ago, now I can continue my work. thanks Wink

sana8410

sr. member

Activity: 448

Merit: 250

Google authenticator isn't tied to your google account... it's an open API that anyone can use (which is why the PAM module even exists)

lateman

newbie

Activity: 7

Merit: 0

Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

adb shell to my nexus with a terminal
enter "su"
allow root from phone
"cd /data/user/0/com.google.android.apps.authenticator2/databases"
"sqlite3 databases"
"select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.

Rampion

legendary

Activity: 1148

Merit: 1018

Quote from: Samoshi on January 23, 2014, 02:44:01 AM

Quote from: Rampion on September 04, 2013, 06:25:40 PM

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.

I wouldn't recommend Evernote or a similar cloud service - you would be trusting your very valuable backup to the servers of a third party (in this case Evernote), and thus you have to assume that at some point somebody could hack their servers and access the information you stored on them.

If storing the backup on the cloud is a "must", then I would definitely recommend to use strong encryption to protect the backup before uploading it. The attack vector that lead to one of the biggest thefts in BTC's history (allinvain's 25k BTC theft) was very probably an unencrypted wallet.dat stored on dropbox.

Samoshi

member

Activity: 81

Merit: 10

Quote from: Rampion on September 04, 2013, 06:25:40 PM

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.

wacked

newbie

Activity: 35

Merit: 0

Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

As others have said backup the secrets or QR code and you can also use another phone or tablet to house your info in Google Authenticator or Authy < which you can set to backup your data. Authy also allows you to set a pin # for the program, GA doesn't but you can download a 3rd party app to do the same.

Lohoris

hero member

Activity: 630

Merit: 500

Bitgoblin

Quote from: b!z on September 05, 2013, 06:25:52 AM

Titanium Backup on Android

only if you're rooted

b!z

legendary

Activity: 1582

Merit: 1010

Titanium Backup on Android, OpenBackup (or other) on iOS.

glon

full member

Activity: 181

Merit: 100

Quote from: capoeira on September 04, 2013, 09:09:38 PM

Quote from: glon on September 04, 2013, 06:24:56 PM

Quote from: capoeira on September 04, 2013, 06:22:34 PM

Quote from: glon on September 04, 2013, 05:58:22 PM

Quote from: jago25_98 on September 04, 2013, 12:12:56 AM

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF? Huh

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?

google is your friend:

No they're not. Cheesy

capoeira

legendary

Activity: 2413

Merit: 1003

Quote from: glon on September 04, 2013, 06:24:56 PM

Quote from: capoeira on September 04, 2013, 06:22:34 PM

Quote from: glon on September 04, 2013, 05:58:22 PM

Quote from: jago25_98 on September 04, 2013, 12:12:56 AM

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF? Huh

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?

google is your friend:

https://bitcointalksearch.org/topic/m.3077955

Rampion

legendary

Activity: 1148

Merit: 1018

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

glon

full member

Activity: 181

Merit: 100

Quote from: capoeira on September 04, 2013, 06:22:34 PM

Quote from: glon on September 04, 2013, 05:58:22 PM

Quote from: jago25_98 on September 04, 2013, 12:12:56 AM

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF? Huh

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?

capoeira

legendary

Activity: 2413

Merit: 1003

Quote from: glon on September 04, 2013, 05:58:22 PM

Quote from: jago25_98 on September 04, 2013, 12:12:56 AM

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF? Huh

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

glon

full member

Activity: 181

Merit: 100

Quote from: jago25_98 on September 04, 2013, 12:12:56 AM

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF? Huh

Anyone else?

capoeira

legendary

Activity: 2413

Merit: 1003

Quote from: DeathAndTaxes on August 21, 2013, 06:52:15 PM

Quote from: 01BTC10 on August 21, 2013, 06:51:03 PM

Quote from: pekv2 on May 10, 2013, 03:08:41 PM

You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list

Won't this defeat the purpose to have 2FA in the first place?

Yes unless what he means is a dedicated offline machine used for nothing but generating the authentication codes.

why is that? if you get hacked you are lost anyways (shouldn't run Windows at all).
2FA is to protect you against password hacks

gambitv

full member

Activity: 196

Merit: 100

Thank you for this valuable post. I have just reset all my authenticator settings and now have a nice stack of printouts to put away in a safe.

jago25_98

hero member

Activity: 900

Merit: 1000

Crypto Geek

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: 01BTC10 on August 21, 2013, 06:51:03 PM

Quote from: pekv2 on May 10, 2013, 03:08:41 PM

You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list

Won't this defeat the purpose to have 2FA in the first place?

Yes unless what he means is a dedicated offline machine used for nothing but generating the authentication codes.

Topic: How to backup Google Authenticator? (Read 47073 times)