Recovering 2fa keys from Google auth

[jackg]

I'm wondering if there's a way to get a key out of my old phone. The time on the phone is right but the one time password won't work. Does anyone know of a way to get the keys out?

It's in the Google authenticator app on jellybean 4.1.1 I think...

[BitMaxz]

Did you try to sync it? You can find the sync button under settings then "time correction for codes"?

I don't know if you can get the secret key from your old phone.

Try to use es file explorer and go to this path \ANDROID\DATA\com.google.android.apps.authenticator2\DATABASE\DATABASE\
You might find the secret code under database I don't know if it will work or you need to root the phone first before you can access the system folder.

Try to root it with kingoroot app then access the location path above to get the database.

[milewilda]

Try to root it with kingoroot app then access the location path above to get the database.

Does Kingroot can root out all mobile phone?coz this one cant directly root out my Xiaomi MI MIX 3. Accessing the system file is the only key for this one which can be only sort out on a rooted phone.

[BitMaxz]

Does Kingroot can root out all mobile phone?coz this one cant directly root out my Xiaomi MI MIX 3. Accessing the system file is the only key for this one which can be only sort out on a rooted phone.

No, not all phones are supported with kingroot since he has jellybean version it should be able to root. Xiaomi MI MIX 3 has the latest security patch you can able to root this phone through flashing but you need to unlock the bootloader first before you can able to root it.

[bL4nkcode]

I used to use google auth before and after such incident  (phone lost), I lost all my accounts associated with it coz I cant recover the keys. And suggesting using authy instead, its a big help.

I'm sure jellybean versions can be easily rooted besides of kingroot there's kingoroot, just take your time to do some research because it will be a disaster if it turns to bootloop.

[NeuroticFish]

The time on the phone is right but the one time password won't work.

The time alone is not enough. As said, you should also do in Authenticator->Settings->Time correction for codes.
Also I've noticed in the past 5 years that (rarely) the websites can have incorrect time sync and that sometimes gets "handled" by trying to log in either in the first seconds after the minute, either the last seconds, either just after the minute has passed.

Does anyone know of a way to get the keys out?

If you manage to actually use the 2FA codes and the number of them is not too big (under 20), then it may be less effort to actually change (turn off+turn on) the 2FA on each website and this time make sure you save the seed too somewhere, just in case. (Also you can use something smarter than Authenticator).

[sheenshane]

Try to root it with kingoroot app then access the location path above to get the database.

Does Kingroot can root out all mobile phone?coz this one cant directly root out my Xiaomi MI MIX 3. Accessing the system file is the only key for this one which can be only sort out on a rooted phone.

Ain't know if all mobile phone can be rooted, Op can simply google for it if kingroot is applicable on the jellybean version mobile phone.

I remember this article/blog before when I was searching how to find my lost Google Authenticator key and I hope this can help to OP.
https://www.cyclonis.com/where-find-my-lost-google-authenticator-key/.

[jackg]

I'll take a look at pulling the data out of it. I can keep track of a phone more than I can keep track of papers so writing down the keys will just mean they'll end up in "the pile"...

I don't have any money on anything requiring 2fa and you can normally sign deposit addresses anyway... But thanks for the help so far, I'm assuming there won't be much encryption in the dB in the early versions anyway...