|
|
|
|
|
|
by crazygringo
1204 days ago
|
|
|
No, Google Authenticator does not securely store keys anywhere but your physical phone. If you lose your phone, they're gone. The only thing it provides is a way to export from one device to another, but that requires having the first device still with you. [1] On the other hand, yes fortunately Authy does provide cloud backups. But your average end user generally doesn't have the slightest idea of why they should use one authenticator app over another. Expecting them to do the research to figure out that they should use Authy over Google Authenticator in case they lose their phone is asking way too much. Again, completely user unfriendly. [1] https://support.google.com/accounts/answer/1066447 |
|
|
I can't see any reason you couldn't start the export process without having a new phone and take screenshots of the QR codes, then back those screenshots up to some secure place.
You should be able to later use those screenshots to restore those accounts to a new phone without needing to have the old phone.
I don't use Google Authenticator so have not tried this.
While the above should work, I'd recommend saving the QR code for each site when you sign up for TOTP at that site. That way you can easily transfer to any other TOTP authenticator. The Google Authenticator export seems to make QR codes that combine multiple accounts and I'm not sure any other authenticators would know what to do with those.