How to Move Microsoft Authenticator to a New Phone

How to Move Microsoft Authenticator to a New Phone

The Microsoft Authentication logo.

Using an authenticator app for two-factor authentication (2FA) is more secure than SMS messages, but what if you switch phones? Here’s how to move your 2FA accounts if you use Microsoft Authenticator.

Previously, we looked at moving 2FA accounts in Google Authenticator to a new phone. We found that there’s no way to export all your accounts, and then import them onto a new phone. You have to re-create your 2FA accounts on your new phone manually.

Fortunately, Microsoft Authenticator provides a backup and recovery option. Note that 2FA is designed to make it extremely hard to access an account unless you have the 2FA code. Most accounts provide backup codes you can use if you’ve lost or damaged your phone.

Make sure you have a copy of the backup codes for each account before you attempt to change your authenticator device. You’ll then be able to use those if you experience any issues when trying to recover your accounts.

Turn on the Backup Option on Your Old Phone

If you need to recover your accounts on a new phone, you’ll have to turn on the backup option on your old one. To do this, open Microsoft Authenticator. Tap the three vertical dots at the top right, and then tap “Settings.”

Tap the three dots, and then tap "Settings."

In the “Backup” section, toggle-On “Cloud Backup” on an Android phone, or “iCloud Backup” on an iPhone.

Toggle-On Microsoft Authenticator's "Cloud Backup" option.

Your accounts will then be backed up to the Microsoft account you used when you first set up Microsoft Authenticator. iPhones also require that you have an iCloud account.

If you’re concerned about what’s actually backed up, it’s pretty straightforward. Your account and usernames, verification code, and various metadata, such as the time at which the backup was created, will all be included.

Related :   How to Open Microsoft Word Documents Without Word

Authenticator creates an encrypted JSON Web Encryption blob (JWE) file using AES-256. It then hashes the data using SHA-512, and adds it to the JWE before storing the whole file and Key ID in your account. A detailed explanation of the backup and storage process is available if you want to dive a little deeper.

Using the Recovery Option on Your New Phone

Next, you’ll need to install Microsoft Authenticator on your new phone. Download it from the Google Play for Android or the Apple App Store for iPhone. Don’t set up any accounts using Microsoft Authenticator until after you’ve used the Recovery tool because it will overwrite matching site accounts.

For example, say you set up 2FA on the Gmail account in Authenticator on your new phone. However, Authenticator on your old phone contains the Gmail account The Recovery tool will overwrite the account you added to Authenticator on your new phone with the account that exists in your backup.

To use the Recovery tool, open Microsoft Authenticator on your new phone, and then click “Begin Recovery.”

Click "Begin Recovery" in Microsoft Authenticator.

You’ll be asked to sign in to the Microsoft account you used for the backup on your old phone. Your accounts will then automatically be added to Microsoft Authenticator on your new one.

Revalidate on the New and Remove From the Old

Some accounts will require you to revalidate, either by signing in to those accounts or scanning a QR code. Microsoft Authenticator will display a message if you need to do this. It’s essentially the same process you went through when you set up the account originally.

Related :   4 Ways to Quickly Create a Note on iPhone or iPad

It’s also important to remove the accounts from your old phone. However, don’t do this until you’ve tested and made sure you can access these accounts on your new phone via Microsoft Authenticator.

To remove an account from your old phone, open Microsoft Authenticator on it. Tap the account you want to remove, and then tap “Remove Account.”

Tap "Remove Account" in Microsoft Authenticator.

You should also open all your 2FA accounts and see if your old phone is still shown as a valid authentication device; if it is, remove it.

Once you’ve removed all the accounts from Authenticator on your old phone, you can remove the app, as well. From this point onward, only your new phone will provide 2FA codes for you.

RELATED:  How to Insert a PDF into Microsoft Word

, , , , , , , , , ,
Lucila is a freelance writer and lifelong learner with an ongoing curiosity to study new things. She enjoys checking out the latest grammar books and writing about video games more than anything else. If she's not running through Colorado’s breathtaking landscape, she's indoors hidden away in her cozy game room trolling noobs and leveling up an RPG character. She is a Final Fantasy IX apologist (although she loves them all… except XV), coffee aficionado, and a bit of a health nut. Lucila graduated from Western Kentucky University with a B.A. in English Literature with a minor in Creative Writing.

Leave a reply

Your email address will not be published. Required fields are marked *



Recent Comments