2FA and new phones

Posted on September 15, 2013


Been mad manic all over the place recently, so a few posts are in the pipeline.

One thing I wanted to cover happened to me a few months ago when my HTC phone finally got too annoyingly broken to use properly. I jumped over to a Samsung S3 (no, I didn’t buy it with Bitcoin but yes, I did try), and spent a day or two migrating all the everyday apps I use over to it.

But the one annoying part of the process was switching all my 2-factor authentication over to the new phone. If you’re not using 2FA for sign-ins that support it, why not? Go and switch it on, now. Done? Good.

Turns out things like Google accounts can only be associated with one device at a time, while sites like blockchain.info obviously require you to sign in using 2FA before you can associate your new device. So if your old device has been “decommissioned” (or lost, or broken), you need to reset your access somehow before you can get in.

Tip 1: If you can, sign in using your old device before switching to your new one – or deactivate 2FA temporarily.

Tip 2: Alternatively, have your back-up access code to hand, if the service offers it. Google accounts give you some one-use codes for this kind of occasion, and sites such as LocalBitcoins.com also give you a backup code. Keep these safe – print and hide, or encrypt securely.

I saw the same question appear on reddit, which led to this handy article on how to move your Google Authenticator account around. There are more options there, including for if you’ve rooted your device.

If all else fails, make sure you know what your contingency plans are. I managed to set up a temporary blockchain.info wallet (also backed up by 2FA) by importing my encrypted wallet file into a new account. Annoying, but sometimes necessary. Which leads me to the final tip…

Tip 3: Keep back-ups.