A user's account of being unable to generate new backup codes for Google's two-factor authentication after breaking their smartphone, and how to back up Google Authenticator

Two-factor authentication using one-time passwords helps improve security when using web services. However, a user of Google's one-time password application 'Google Authenticator' has reported that 'as a result of breaking the smartphone, it became impossible to reissue the backup codes'.

Tell HN: It is impossible to disable Google 2FA using backup codes | Hacker News


Google Authenticator is an application that issues one-time passwords for logging in to various web services. For example, when logging in to Discord, it displays a 6-digit one-time password that can be used only for a short period of time. Users must enter the one-time password in addition to their normal password, which protects the account even if the password is compromised.

According to a post by a Google Authenticator user on the news sharing site Hacker News, the user relied on Google Authenticator for two-factor authentication on their Google account. However, the smartphone on which Google Authenticator was installed broke, and the user could no longer see the one-time passwords, making it impossible to log in with two-factor authentication. The user did manage to log in to Google with a backup code recorded in advance, but operations such as 'issuing a new backup code' and 'disabling two-factor authentication' required logging in with two-factor authentication, so the user was unable to perform either of them.

One way to prevent the above problems is to regularly back up the login information registered in Google Authenticator. The backup procedure is as follows.

First, tap the menu button located in the upper right corner of the Google Authenticator screen.

Then tap 'Export account'.

Tap 'Continue'.

Authenticate with Touch ID or Face ID and proceed to the next screen.

Backup preparation is completed when the QR code is displayed.

Then install Google Authenticator on the smartphone you want to back up to. In this walkthrough the backup destination is an iPhone, so search for Google Authenticator in the App Store and tap the cloud icon or 'Get'.

When the installation is complete, tap 'Open'.

Tap 'Start'.

Tap 'Do you want to import an existing account?' at the bottom of the screen.

Tap 'Scan QR code'.

Tap 'OK' when asked to allow access to the camera.

Next, scan the QR code displayed on the backup source smartphone.

Tap 'OK' when the scan succeeds. Your backup is now complete.

When the backup is completed, tap 'Next' on the backup source smartphone.

Tap 'Keep all exported accounts' and tap 'Done'.

Now, in the unlikely event that your phone breaks, you can still perform two-factor authentication on another phone.

Posted by log1o_hf in Review, Software, Security