When you're switching phones after an upgrade or an accident, the job of checking up on your two-factor verification apps can get lost in the hustle of transferring photos, contacts, messages, and all the other stuff that more quickly comes to mind. Without your security codes, though, you might get locked out of your key online accounts — here's how to make sure that doesn't happen.
Virtually every app and account of note now has two-factor enabled - that's undoubtedly for the best, but it does place a lot of importance on your phone. You should always make sure your backup access methods are secure and current as well, just in case: with Facebook, for example, that might mean identifying some trusted contacts who can help you get back into your account.
If you use codes sent over SMS, life is a bit easier, particularly if you're keeping the same number: Your codes will turn up on your new phone as normal. SMSes can be intercepted though, so we'd recommend switching to app-generated codes if you can. If you use SMS codes and change your phone number, make sure the new one is registered with whatever apps or services it needs to be before you lose access to the old one.
While all this might seem an unnecessary amount of hard work, it's a small price to pay for the extra security that two-factor offers, and you're unlikely to upgrade your phone more than once a year or so anyway. Work through your apps one by one, and make sure you've safely switched over all of them before ditching your old phone.
Google Authenticator for Android and iOS is the mainstay of Google's approach to two-factor for its accounts, and if you're switching to a new phone then you need to get the app installed and activated on it. You don't necessarily need to deactivate or delete the app on your old phone, though it's recommended to be on the safe side.
As per Google's instructions, dive into your account on the web and get yourself a backup code — pre-generated codes that unlock your account — just in case it's needed (click on 2-Step Verification). Then download and install the Authenticator app on your new phone. Back on the web on the 2-Step Verification screen, click Change phone under the Authenticator app heading, then follow the instructions.
You'll be asked to scan a barcode in the Authenticator app on your new phone (tap the red plus button to do this), which will then be verified. The codes from the app on your old phone will no longer work at this point.
Google recently added a new prompt option to replace or work alongside the Authenticator app, which you can see on the 2-Step Verification screen - this simply brings up a prompt on any device linked to your Google account that you have to hit confirm on, no separate apps needed.
The Authenticator app also works with other third-party apps and services, so you can use it to generate codes for more than just your Google account.
Apple has made the switch from two-step verification to two-factor authentication, terms that are generally used interchangeably by everyone else. Essentially, it means two-factor tech is now built into macOS and iOS, and you need one "trusted device" (one that Apple knows is yours) to log in anywhere new.
While the more modern system doesn't use SMS codes anymore (and with good reason, as they can be intercepted), it does rely on your phone number. If you're switching to a new iPhone, then all you need to do is make sure your mobile number is correct by logging into your Apple account on the web.
Click Edit next to the phone numbers in the Security section, and add your new number (you can even add a trusted friend's number as well, just to be on the safe side while you set up your new iPhone). As long as these are accurate, you should be ok.
Most of the time you'll be upgrading from one iPhone to another, with the same number, in which case iOS does everything for you (you'll still need your account password of course). If you are switching SIMs, add your new number via your Apple ID account on the web. There are no apps or codes to mess with, as there are with Google, but then Apple only has to worry about its own operating systems.
Microsoft, like Google, has an authentication app you can install for Android and iOS. The best way of switching the phone you need to log into with is to simply install the app on your new device while keeping your old one available until you've made the switch.
Everything is managed through your Microsoft account on the web. Click Security, then More security options to configure this: Choose Set up identity verification app, then follow the instructions on screen — you'll need to sign in using your Microsoft account credentials on your new handset, then, of course, verify your identity again using the two-factor authentication system.
If you've got the old app still installed on your old phone, you can simply tap once to approve the request and confirm your new phone as a recognised approval device. If you don't have your old handset, you can get a code sent to one of your registered phone numbers or email addresses.
The account and device connections involved in two-factor authentication are why it's always important that your registered details are always correct — one day they might be the difference between being able to get into your account or not. Make a note of alternative login methods, and make sure you're always covered.
As we've already said, a whole host of apps and accounts now work with two-step authentication, so we won't go through every single one here. The important point is that you remember you need to make the switch for these as well. If possible, keep your old device around until this has happened, and make sure your backup recovery information is all correct, just in case it's needed.
A bunch of apps and services - from Facebook to Reddit - now very politely let you use any two-factor authenticator app you want, like Google Authenticator or Authy, to manage your codes. These apps typically work offline, and some (including Authy) let you sync your codes across multiple devices, making the process of switching to a new phone a lot easier (you just set up your new phone as a second device, then deactivate the original one).
We'd recommend an all-encompassing two-factor app just for convenience and security's sake, keeping all your codes in one central stronghold, but you've still got the option of choosing dedicated apps if you prefer to keep everything separate.
In the case of Yahoo accounts, it's the Yahoo Mail app for Android or iOS, and you can verify your new phone using the app on your old phone. From the new device, you can then manage which devices can confirm future logins by opening the app menu, tapping the key next to your account name, then choosing Manage Account Key. If you no longer have your old account, you can use email or SMS as a backup verification method.
In the case of Facebook accounts, if you want to use the Facebook app itself for your codes, it's just the same: Install the Android or iOS app on your new phone, and use your old one to confirm your identity before wiping it (you can do this even if you've already swapped the SIM over). Again, if you've lost access to your old device, Facebook offers a variety of alternative login options on the web. Trying to sign into accounts that aren't mobile-only is definitely easier if something goes wrong.
Should you get stuck, ask the app developer for help: Blizzard recommends removing its authenticator from the old device first, then adding the app on your new device (if you've lost or sold the old device, you need to contact Blizzard directly). For Steam, meanwhile, you can verify the authenticator app on a new phone using your existing cell number, but if that number is changing, you need to disable the original authenticator first.
Whichever method you choose, the result will be the same: better security and greater peace of mind.