How to Move Authenticator Apps Before Selling Your Phone
Here’s a lesson that most users learn a bit too late – usually right after they’ve already wiped their phone clean. Authenticator apps store unique encryption keys directly on your device and these keys are responsible for those rotating 6-digit codes that refresh every 30 seconds. But if you download the app on your new phone, those keys won’t appear automatically. You have to move over every account one by one or else you’ll have to manually set them all up from the beginning again. The process to do this is different depending on which authenticator app you use and which services you’ve connected to it.
Miss this step and you’re going to be stuck in account recovery for days on end. Your bank will probably make you come into a branch in person to verify your identity. Work email accounts can get locked up until somebody from IT can manually reset everything on their end. Make sure that you’ve moved everything over before you do a factory reset on your phone – not after!
Let’s talk about how to safely move your authenticator apps to your new device!
What Data Stays on Your Phone
Your authenticator app is actually a little different compared to most of the other apps on your phone because it saves encryption keys directly on your device and those keys never leave – they stay stored locally the whole time. When you link an account to your app, those keys work with your account information to generate the rotating 6-digit codes that you’ll have to type in whenever you log into something.
These keys are stored on your phone and only your phone. They’re never backed up in the cloud and they won’t sync across any of your other devices. So getting a new phone means that you can’t simply download the authenticator app again and have everything automatically appear – it just doesn’t work that way.
Every device that you set up with your authenticator app creates its own separate connection to each of your accounts. When you scan that first QR code to add a new account, your phone receives a secret code that’s connected to that particular pairing. The app then uses that secret to generate your login codes going forward. On their end, the website or service that you’re trying to access has its own copy of that exact same secret stored in their system.
Deleting the app or selling your phone without moving these secrets over first means that they’re gone forever. Your new phone won’t have them and there’s no way to recover them. The service you’re trying to access will still expect codes that are generated from those original secrets though. Losing access to them means that you won’t be able to generate the codes that it’s asking for.
You don’t want to get locked out of your main accounts and it happens way more when you hand off your old phone without taking care of it first. Your secrets need to move over to your new device successfully, or at a minimum, you’ll need another way to verify yourself already set up and ready to go. Missing this step before you give away your phone means that you could lose access to accounts that you depend on every day.
Download All Your Backup Codes
Many users want to jump right into the move process when they choose to switch authenticator apps. What tends to get skipped over is one preparation step – and without it, you could wind up locked out of your accounts. Download the backup codes from each service that uses your authenticator before you move anything. These are one-time codes that almost every two-factor authentication service lets you generate and they work as your safety net if the move runs into any problems.
Backup codes work as a safety net for your accounts and they’re very important to set up before you make the switch. If your authenticator app doesn’t move over correctly, or if you lose access to it during the move, these codes will be your only way back in. Each service deals with backup codes a bit differently. But most of them have this feature somewhere in their security settings.
Google makes the process fairly simple – you can generate a full set of backup codes directly from your account security settings. Facebook has a similar feature, though it’s buried deeper in their security menu. Most big banks have backup codes as well, though you’ll need to poke around in your mobile app settings to find out where they’ve placed that option.
After you’re locked out, the only way to get back into your accounts is to contact customer support for each service. How long it takes to regain access depends on how fast each of the services gets back to you and the timeline can be all over the place – anywhere from a couple of hours to multiple days.
After you download all your backup codes, you’ll have to put them somewhere safe. What’s important – don’t save them on the phone you’re about to sell (that would undo everything we just did). Either write them down on physical paper or save them to a password manager that’s on a different device. You want to be sure that you can still access these codes even after your old phone is gone. Just remember that each code can only be used one time, so treat them like the emergency access tools that they actually are.
Apps with Built-in Export Features
Your authenticator codes used to be a pain to move to a new phone. Most of the bigger apps have gotten much better about this over the last few years though. Google Authenticator added a move feature and it’s pretty easy – you just scan a QR code with your new device and your accounts move right over. Microsoft Authenticator decided to take a different strategy and relies on a cloud backup to sync everything automatically instead.
Google Authenticator makes the move pretty easy if you know where to look. On your old phone, open the app and find the three dots in the top corner. Tap on those and you should see an option called “Transfer accounts” – pick that, then choose “Export accounts.” The app generates a QR code on your screen at that point. On your new phone, open Google Authenticator and tap those three dots again, pick “Transfer accounts,” but this time choose “Import accounts” instead of export. This activates your new phone’s camera so you can line it up with the QR code that’s still showing on your old phone. The move happens automatically and your codes should be available on the new device within a few seconds.
Microsoft Authenticator takes a different strategy than most of the other apps – it backs everything to your Microsoft account instead of making you scan QR codes. To set this up, open the app and tap on those three horizontal lines at the top corner (the menu icon). From there, find the “Cloud backup” option and flip it on. It’ll ask you to sign in at this point if you haven’t already linked your Microsoft account. Once that’s done, the best part is how easy it makes switching phones. You just install Microsoft Authenticator on your new device and sign in with the same Microsoft account you used before. Everything syncs over automatically and all your codes will be right there waiting.
Move tools that are built right into the apps make life a whole lot easier than it used to be. The downside is that not every authenticator app has added these features yet (some developers are slower to update than others). Your app might not have an export or backup option available and that means you’ll need to go the manual way instead. It takes a bit more time this way. But the upside is that it’ll work with any app out there, regardless of which features they have or don’t have.
Manual Setup for Your New Phone
Not every service makes it easy to move your authentication setup from one phone to another. Some businesses just haven’t built that feature into their apps yet and others probably never will. Running into one of these services means you’ll need to go through the moving process manually since there isn’t any automatic backup option to fall back on.
The process isn’t all that hard, though it does take a little patience and some time to work through. The basic approach is to temporarily disable two-factor authentication for every account that’s currently linked to your authenticator app. Once you’ve disabled it on all your accounts, you can move over to your new phone and re-enable the two-factor authentication with fresh codes. As soon as you turn the feature back on for each service, they’ll give you a brand new QR code to scan (which is what links your new device to that account).
This gets annoying pretty fast if you have a dozen accounts and I see this happen all of the time. The alternative is way worse though – this needs to happen before you wipe your old phone!
When someone gets the order wrong, they reset their phone to sell it and only after the reset do they know that their authenticator app is gone. If you don’t have that app, they’re locked out of everything because every one of their accounts needs it to verify their identity. IT departments see this happen all of the time with employees who are switching over to new devices. The person can’t access any of their accounts and has to ask for recovery for every service individually and it can drag on for a few days.
The best strategy is to get a list of each service where you have your authenticator app turned on. Go through each one individually and temporarily disable the two-factor authentication. After that’s done, you can set up each account fresh on your new phone. When all your accounts have been transferred over to the new device, you can flip two-factor authentication back on for each service and scan the fresh QR codes. You’ll want to keep your old phone charged and close by during this entire process because you’ll probably need to reference a code or two from it as you’re in the middle of the switch.
Password Managers that Sync Your Codes
Password managers like 1Password and Bitwarden have built-in authenticators at this point and can save you time and effort if you’re tired of manually transferring all your authentication codes every time you upgrade to a new phone.
The best part about these tools is that they can store your passwords and your two-factor codes together in the same place. Everything will sync automatically across whatever devices you use, and all you’ll actually need to remember is your one master password. When you get everything set up for the first time, you’ll never have to worry about transferring anything around again.
The trade-off is usually worth it. Whenever you have to log into your accounts, you can just open up one app instead of having to jump back and forth between two different tools.
One reminder before you make the jump – you’ll still need to move everything over at least one more time. All your authentication codes need to move from your existing authenticator app into the password manager first, and you want to make sure that happens before you do anything else with your phone. The next section will talk about how to reset your device after you have everything backed up and transferred over safely.
Reset Your Old Phone the Right Way
You’ll have to test every account before you wipe your old phone and you shouldn’t skip this. Go through each service individually and actually try to log in with the codes from your new device. If everything works the way that it should, great. If something fails or doesn’t quite work right, at least you can fix it right away. Your backup codes and original settings are still sitting there if you need them. Your old phone is still around at this stage.
After you’ve confirmed that everything is working the way it should, you’re ready to move forward with the factory reset. It’s a step where lots of customers run into problems. Just going into your phone and deleting the authenticator app won’t actually remove the data that’s been stored on there. The information might still be sitting somewhere on your device in hidden folders or cached files that you won’t be able to see or access without much work.
iOS and Android have factory reset options already built into their settings menus. It’s the safest and most reliable way to wipe everything from your phone completely. The built-in reset process takes care of the data deletion in the right order and it does it better than any third-party app could. Go to the correct settings menu for your device and then just follow each step of the process through to completion. Stopping halfway through or skipping a step could result in incomplete data removal.
Data recovery programs are actually pretty common and they can pull information back from phones that didn’t get reset properly. Your authenticator database is the type of file that these tools can recover from the device. Whoever ends up with your old phone could use one of these programs to extract that data and maybe get access to your accounts even after it’s already out of your hands.
Once the reset process goes through, your old device will be wiped clean. Your accounts are already safe on your new phone at this point and the old device won’t have a single bit of your personal information on it for anyone else to recover or access.
Trade Your Old Phone for Cash Today
It takes some time to move your authenticators to a new phone – I won’t pretend otherwise.
Calendar reminders are your friend here – set one up now for your next phone upgrade as everything is still fresh in your mind. When that upgrade time comes around again, you’ll already know what needs to happen before you hand over your old device. The best strategy is to work through this in smaller chunks – it makes everything feel a lot more manageable and way less overwhelming. Work through your authenticators one app at a time and you’ll keep everything organized without losing track of anything.
Once you’ve moved your authenticators over and wiped your old phone clean, that device turns into cash in your pocket. At ecoATM, we operate more than 6,000 kiosks across the country, and the whole process of selling your phone is about as simple as it gets. Drop off your device at a nearby kiosk, and the machine will run a quick diagnostic to check on its condition. You can walk out the same day with cash in hand or have us send the payment to you online. The entire transaction takes barely any time at all. It keeps old electronics out of landfills, and the money can go toward your next phone or whatever else you might need.
