How to backup Google Authenticator?

[Rampion]

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

[capoeira]

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?

google is your friend:

https://bitcointalk.org/index.php?topic=287459.msg3077955#msg3077955

[glon]

You often aren't given the secret key to copy and paste so a common way is to screenshot that qrcode or take a photo. The thing is, you have to remember to do this on logon and you're punching an unencrypted backup through the system.

The whole thing is a disaster waiting to happen. It got me when my phone got stolen and it's caught many others out too. There should be an encrypted backup solution for Google Authenticator. It's just because it's intended for use with Google and usually gmail - there you have all the backup options - paper codes, phone, SMS.

Using Google Authenticator for third party things is fine but really I think gox and all these sites should tell people they should backup and print or backup and encrypt the qrcode.

And wouldn't you know it Google has just updated their Authenticator iphone app and all my tokens are gone after the update. WTF?

Anyone else?

only afected I-Phone...there is a topic here (with recover manual) search it

Yes I said it's an iphone app issue. Care to make yourself useful and post a link to the topic "with recover manual"?

google is your friend:

No they're not.

[b!z]

Titanium Backup on Android, OpenBackup (or other) on iOS.

[Lohoris]

Titanium Backup on Android

only if you're rooted

[wacked]

Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

As others have said backup the secrets or QR code and you can also use another phone or tablet to house your info in Google Authenticator or Authy < which you can set to backup your data. Authy also allows you to set a pin # for the program, GA doesn't but you can download a 3rd party app to do the same.

[Samoshi]

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.

[Rampion]

Print the QR code and store it in a safe place. Before activating 2-fa check that the QR you printed can be scanned by GA.

This is the best simple solution to keep a backup. You can also take a photo and store your photos on Evernote or similar cloud service.

I wouldn't recommend Evernote or a similar cloud service - you would be trusting your very valuable backup to the servers of a third party (in this case Evernote), and thus you have to assume that at some point somebody could hack their servers and access the information you stored on them.

If storing the backup on the cloud is a "must", then I would definitely recommend to use strong encryption to protect the backup before uploading it. The attack vector that lead to one of the biggest thefts in BTC's history (allinvain's 25k BTC theft) was very probably an unencrypted wallet.dat stored on dropbox.

[lateman]

Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

• adb shell to my nexus with a terminal
• enter "su"
• allow root from phone
• "cd /data/user/0/com.google.android.apps.authenticator2/databases"
• "sqlite3 databases"
• "select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.

[sana8410]

Google authenticator isn't tied to your google account... it's an open API that anyone can use (which is why the PAM module even exists)

[Abel jonh]

Thanks! I lost my iPhone someday ago, now I can continue my work. thanks

[wakhidNkcom]

Use this program https://code.google.com/p/winauth/ Then make sure after you add all your secrets to it, then back up the winauth.xml file which houses our your secrets from %appdata%\winauth
Also has password/encrypted option and allows you to tie to the PC in question if so desired.

this one is very helpful for me,, thanks you 

[vaisajne]

Hey Folks,

i was in the following situation. Had mt.gox changed to 2f authentication and didn't backed up my secret. Now i got me a new phone and have moved all the other stuff with no problem. My old phone is a nexus 4 which is rooted and my new phone is a samsung galaxy s5. I don't want to root my s5 atm so titanium is a no go. Helium backup does no backup for google authenticator. mt.gox is not usable atm moment and might not be in the next time. So here is what i did:

• adb shell to my nexus with a terminal
• enter "su"
• allow root from phone
• "cd /data/user/0/com.google.android.apps.authenticator2/databases"
• "sqlite3 databases"
• "select * from accounts;"

And there it was. There should be a line like this:
1|MtGox-USER-TOTP#553617|BLAHBLAHBLAH|0|0|0||MtGox-USER-TOTP#553617

On the new phone just enter "BLAHBLAHBLAH" in the GA App instead of scanning a QR code. Done!

I hope this will help someone

Greetings, lateman.

This is a very useful information. Thanks for sharing.