Pages:
Author

Topic: How to backup Google Authenticator? - page 2. (Read 47091 times)

vip
Activity: 756
Merit: 503
August 21, 2013, 06:51:03 PM
#13
You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list
Won't this defeat the purpose to have 2FA in the first place?
donator
Activity: 1218
Merit: 1079
Gerald Davis
August 21, 2013, 06:43:57 PM
#12
@glon Well depending on the site you may have options.
If the site still shows the authenticator code you can print it after the fact.
If the site allows you to change the authenticator code you could change it and in doing so completing the steps above.
If the site allows you to disable the authenticator code then do so and then enable it completing steps above.
If the sties doesn't allow you to change, disable, or show you the authenticator code you probably will need to request the admin remove authenticator from your account.

full member
Activity: 181
Merit: 100
August 21, 2013, 06:31:57 PM
#11
The QR code contains the shared secret (which is what synchronizes the codes on your smartphone and the site's backend server.  Same shared secret + same time means both you and site generate the same code in sync.   The shared secret is simply a number.  The QR code also contains some less important information like "display name".

So if you have a backup of the QR code you use it to "setup" another smartphone

1) When you setup 2FA before you scan the QR code print it out.  
2) Instead of scanning the QR code on screen scan the printout (this verifies the printout was correct, no printing errors rending it unreadable).  

3) Complete the 2FA setup.
4) Now just label the printout.
5) Store the all your labeled google authenticator QR codes in a safe place (like fireproof safe or safety deposit box).

Hi, what if I've already completed point 3 before even thinking about doing 1/2? Thanks!
hero member
Activity: 770
Merit: 502
May 10, 2013, 03:08:41 PM
#10
You can also not only backup the code, but as well as run google authenticator on your windows pc.

http://code.google.com/p/gauth4win/downloads/list
hero member
Activity: 630
Merit: 500
Bitgoblin
May 10, 2013, 12:18:21 PM
#9
You can use titanium backup free to back up the data for the google authenticator android app to your sd card.  be careful with the backup though- it's best to store it somewhere else password protected vs. on your phone.
Will only work if his phone is rooted.
sr. member
Activity: 252
Merit: 250
May 10, 2013, 12:00:27 PM
#8
Hello everyone,

I am trying to improve my online security by using 2 factor authentication through Google Authentication. I've set it up for MtGox and BTCT but I am concerned about what will happen if I lose my phone or it gets stolen. I will lose access to absolutely everything! Or I install  a ROM on top of the phone and lose all my data because I forget to backup.

What is a commonly accepted way of backing up one's Google Authenticator database? Ideally it would be a single file that I can load back into Google Authenticator or something that will be stored offline somewhere (putting it in cloud storage might not make sense in this case).

Thanks in advance.

You can use titanium backup free to back up the data for the google authenticator android app to your sd card.  be careful with the backup though- it's best to store it somewhere else password protected vs. on your phone.
donator
Activity: 1218
Merit: 1079
Gerald Davis
May 10, 2013, 11:44:34 AM
#7
The QR code contains the shared secret (which is what synchronizes the codes on your smartphone and the site's backend server.  Same shared secret + same time means both you and site generate the same code in sync.   The shared secret is simply a number.  The QR code also contains some less important information like "display name".

So if you have a backup of the QR code you use it to "setup" another smartphone

1) When you setup 2FA before you scan the QR code print it out.  
2) Instead of scanning the QR code on screen scan the printout (this verifies the printout was correct, no printing errors rending it unreadable).  
3) Complete the 2FA setup.
4) Now just label the printout.
5) Store the all your labeled google authenticator QR codes in a safe place (like fireproof safe or safety deposit box).
newbie
Activity: 46
Merit: 0
May 10, 2013, 11:41:31 AM
#6
TBH I don't know what different websites put into their QR codes, probably depends on the website.

With MtGox what you need to make a backup of (copy/paste, screenshot etc.) is called "Secure Private Key".

If you use the authenticator I used as an example above, you can then generate the OTP with "java -jar JAuth.jar -secret=YOURSECUREPRIVATEKEY".

For other websites and/or authenticator apps it's basically the same procedure. So in essence you don't need a phone at all, if you don't want to use one.
member
Activity: 85
Merit: 10
May 10, 2013, 11:29:15 AM
#5
Thanks. So the QR code that I scan is the backup itself? Good to know. However you can't copy the MtGox one for some reason. I'll have to take a screenshot or something.
newbie
Activity: 46
Merit: 0
May 10, 2013, 11:18:53 AM
#4
Whenever you register for 2FA you get something called "secret key" or "shared secret" etc.

That is what you need to take a backup of.

Without your phone this secret key can be put into a variety of different apps/scripts etc. to generate the OTP just like your phone would have done it.

One example of such a simple authenticator would be this one: https://github.com/mclamp/JAuth

member
Activity: 85
Merit: 10
May 10, 2013, 11:03:24 AM
#3
Yes, but that is only for Google accounts. What about MtGox and BTCT and others?
sr. member
Activity: 412
Merit: 250
May 10, 2013, 09:37:08 AM
#2
Just create some backup codes and store them in a safe place, then if you lose your phone you can simply log in with backup code and turn off 2 factor. See here for instructions: http://support.google.com/accounts/bin/answer.py?hl=en&answer=1187538
member
Activity: 85
Merit: 10
May 10, 2013, 09:33:24 AM
#1
Hello everyone,

I am trying to improve my online security by using 2 factor authentication through Google Authentication. I've set it up for MtGox and BTCT but I am concerned about what will happen if I lose my phone or it gets stolen. I will lose access to absolutely everything! Or I install  a ROM on top of the phone and lose all my data because I forget to backup.

What is a commonly accepted way of backing up one's Google Authenticator database? Ideally it would be a single file that I can load back into Google Authenticator or something that will be stored offline somewhere (putting it in cloud storage might not make sense in this case).

Thanks in advance.
Pages:
Jump to: