Google Authenticator provides a neat way to use 2-Factor Authentication (2FA). But it has a massive downside that is mostly ignored.
If you lose/reset/replace your phone (which is normally your primary 2FA device) then you’re completely screwed.
Why? Because all your two-factor authentication codes are gone, and never to be seen again.
The huge effort in recovering from this sort of mini-disaster makes me cry.
But don’t worry, we have found the solution to this, that will end all your Google Authenticator woes. 😀
You have a two-factor authentication disaster just waiting to happen
Google Authenticator works by using an App (of the same name) on your phone. You scan the QR codes and it saves the 2FA account on your phone.
There is no easy way to move this App from off your phone to anywhere else. In fact, you can’t even export these codes.
You’re pretty much stuck.
If this phone, or even just the Google Authenticator app, disappears you’re going to get burnt so bad from this you’ll never want to use 2FA ever again.
Which is a huge pity, as it’s a great security layer.
So what are your options? We’ve experimented with a few different approaches because we’ve also been burnt in the past. But we found only one way to solve this problem once and for all.
Enter: Authy App, with Google Authenticator integration
Authy is a fully-fledged two-factor authentication service. But don’t get this confused with Google Authenticator. They’re completely different.
What I’m referring to specifically is the Authy App. You see, the Authy App also handles Google Authenticator 2FA code registration. This means that instead of using the official Google app, you’ll now use the Authy App instead.
But isn’t the problem of your losing your phone exactly the same?
No. Because with an Authy account you can now backup your Google Authenticator codes off your phone (to your Authy account via the app).
Oh yes, you read that right. You now have Google Authenticator backups! 😀
What happens if you lose/reset your phone? You just download the Authy App and retrieve your Google Authenticator codes from their backup.
It’s really as easy as that!
You must replace your existing Google Authenticator codes
All those codes you currently have running on the original Google Authenticator app will have to be transferred to your new Authy app.
You can’t transfer them directly, so it’s more of a “turn it off and on again” process. These are the basic steps:
For every Google Authenticator account you have:
- Go to the original service for the account and remove Google Authenticator 2FA.
- Re-enable Google Authenticator for that account
- Use the Authy App instead of Google Authenticator app to register the account.
It might be a bit tedious, but if you’ve already experienced the pain that comes with losing your GA codes, then you’ll agree some tedium is a cheap price to pay for the huge upside.
Thoughts or Questions?
Pretty useful, right? The reality is that we wouldn’t use Google Authenticator without this backup option. The cost in time and resources each time a phone is replaced is huge and for some reason, this restriction is being completely over-looked by anyone who uses or recommends it.
Please share this and get the word out – there nearly always is a better way to do things. We hope this helped you!
We were having an issue with one of our sites that we use this plugin on. The .htaccess file was getting corrupted. We found that Simple Firewall was causing the .htaccess file to be re-written about every minute. I reported the problem on the WordPress forum expecting to never get…
Very Useful plugin
Very Useful plugin
Must Have, Easy to Implement, Good Security
I am impressed with the ease at which I could configure the security of my wordpress site with this tool. I especially liked the 2-factor Auth support, specifically the support for hardware tokens (yubikey) was what set this plugin apart for me. I am new to wordpress, but not to…
Two-Factor Authentication for the Win!
There are a lot of security plugins out there but for what I want this one is the best of the bunch. It’s easy to set up and use, plus two-factor authentication is a HUGE bonus! Don’t waste time sifting through the other security plugins, choose this one and be…