What to do after losing your 2F authentication secret key and how to avoid losing it later

By eqariu | Cryptomorrow | 4 Sep 2019

Google Authenticator, Authy and other authenticator apps are now popular for securing apps and services. They add another layer of security on top of normal passwords or PINs by requiring the account owner to further verify that the account belongs to them, either with codes accessed on, or one-tap sign-in requests sent to, a mobile device that the user owns. This is called 2 Factor (2F) authentication.

2F authentication for your cryptocurrency apps is as advisable as other security measures for securing cryptocurrency, such as using cold storage, being aware of and proactive about phishing attacks, and following other tips advised by experts, so you should enable 2F whenever you have the chance. But that comes with the responsibility to store your secret key properly. For instance, most cryptocurrency exchanges now allow users to secure their accounts and assets using the Google Authenticator app or a similar authenticator app.

How can you recover when your Authenticator account secret key is gone, or when the mobile device on which you installed the Authenticator app or saved the secret key is lost for good or broken? The answer lies in two methods: ensuring you can back up your Authenticator key, or using an app that can securely store your keys in the cloud and let you recover them when you reinstall the Authenticator app on a different device.

If you still have the secret key that was provided when you set up a cryptocurrency service account (say, your crypto exchange app) on the Authenticator app, then restoring the Authenticator app is very easy. You only need to install Google Authenticator on the new device and create a new account for the app or service by adding the secret key that was provided when you first set up that particular app on Google Authenticator. You are then able to access codes or one-tap logins again and get back into the crypto apps and services.

It means that the best way to save yourself from the agony of losing crypto app Authenticator secret keys is to write all of them down when they are provided, and either save them on a different device or keep the file, paper or whatever you wrote them on in a separate place, so that recovery is easier if the device is lost or becomes unusable.

For those who have looked further into recovery from eventualities related to these Authenticator secret keys: the keys are supplied by the crypto exchanges and services you log in to with the Authenticator, and you may be safer when using such services because they can do a reset for you if you lose your Authenticator secret keys. That may take a while, however, and may require the customer to verify that the account belongs to them. Most centralized exchanges, for instance, will help.

The latter may involve contacting them directly. For Binance, for instance, that starts by clicking on "Lost Your Google Authenticator?" on Binance's website. If you don't have the backup key for a quick reset, confirm the application reset, after which you receive the "confirm reset" in your email. You are then required to enter the last deposit address you used and upload 3 pictures of your ID card: front, back, and one with you holding the ID card. You then submit them to complete the reset process and they will do the recovery.

With most exchanges, it involves several hours to days of back-and-forth emails with support. One of the most important things

In some cases, however, you may be using the Google Authenticator app or another Authenticator app with local crypto wallets or DEXes where the service or company behind the service cannot access your data at all. This happens with services that, to improve crypto security, never store data on centralized servers but only on the user's device. In that situation it may not be possible at all to recover via support. You are gone!

Here are methods you can use to ensure you stay safe in case of such an eventuality:

1. Auto recovery of the Google Authenticator app: Most Android and iOS devices allow automatic backups of files and data to Google Drive or iCloud from time to time. That requires you to have selected the "Back up and reset" option in your device settings. You can still back up manually to Google Drive or iCloud from time to time, but the automatic backup means you do not have to bother with backups every time you update the device, install a new app or, in our case, add a new account to the Google Authenticator app.

With apps installed via the Google Play Store, you can restore all apps and app data previously backed up on Google servers or on iCloud to the new device. This is done automatically when you sign in to the Play Store for the first time on the new Android device.

2. Doing manual backups for Google Authenticator and recovering the backup: This can be done with third-party backup software that allows you to save the backup file on a computer and restore the same file from the PC to the mobile device. You might also need to root the device and extract the secret key manually from it.

3. (Professional) data recovery, if your device is still working but for some reason you uninstalled the software, wiped the data, or otherwise lost access to the apps.

4. Using better alternatives to the Google Authenticator app: Most of these work wherever the Google Authenticator app is accepted and can be used to log in to those services. Examples include Authy, LastPass, Saaspass, Microsoft Authenticator and physical security key devices such as YubiKey, Titan Security Key and Protectimus NFC, among others. Some have enterprise features.

Please read more about the 4 methods, with explanations, in this article:

