Authenticator icon indicating copy to clipboard operation
Authenticator copied to clipboard
verified publisher icon mattrubin

Add the ability to transfer accounts to a different device, e.g. when switching phones

Open antedebaas opened this issue 5 years ago • 6 comments

The Google Authenticator has a new feature where you can scan an qr-code from your old device on your new device and thereby transferring all tokens. I would be great if this authenticator would implement a similar function

antedebaas avatar Dec 03 '20 13:12 antedebaas

In order to achieve this on the iPhone you must:

  1. Download and Install iTunes
  2. Connect Old iPhone via USB to iTunes
  3. Create Encrypted backup
  4. Disconnect Old iPhone
  5. Connect New iPhone via USB to iTunes
  6. Restore Encrypted backup to New iPhone
  7. Done

suchislife801 avatar May 09 '21 23:05 suchislife801

In addition to the encrypted (iTunes or Finder) backups mentioned above, you can also transfer tokens to a new device via Quick Start.

The possibility of letting a user extract their tokens via QR code is an interesting idea. It could certainly make setting up a new device easier for (the majority of?) users who set up a new phone using iCloud, but it could also create a security vulnerability if it makes it too easy for someone with physical access to your phone to quickly clone your tokens.

I'll consider adding a feature like this, but probably not before adding the ability to lock Authenticator with an app password.

mattrubin avatar May 17 '21 13:05 mattrubin

I did not think of the security implications. Having matje Authenticator succeed with a password (TouchId/FaceId ?) first sounds like a sane security measure

antedebaas avatar Jul 04 '21 22:07 antedebaas

I do want to revisit this idea for a bit. i have 2 iphones a work and a private phone. i wish to transfer my codes from my private phone to my work phone but those are on a different account. and my rights on the work phone are limited by a security policy. i would love to be able to transfer my codes on 1 go to my work phone instead of having to re add them all again.

antedebaas avatar May 07 '22 10:05 antedebaas

Your rights on the work phone are limited by a security policy precisely because they don't want you to do anything that is not work related with it, to it. It was designed precisely with folks like you in mind.

suchislife801 avatar May 18 '22 20:05 suchislife801

Very constructive comment there. It’s locked in because they don’t want you to export company data from the phone to other sources by the way. I am allowed to do personal stuff with it. Some colleges even have it as their only phone. You don’t know what my company does and does not want. You don’t even know where I work.

antedebaas avatar May 23 '22 19:05 antedebaas