Computers & Electronics

How to get 2FA backup codes after the fact?

  • Last Updated:
  • Nov 28th, 2020 10:47 am
[OP]
Member
Dec 13, 2006
270 posts
19 upvotes

How to get 2FA backup codes after the fact?

I think I have been good in that I had established where possible, 2FA using an authenticator app but take me down a couple of notches as I mostly neglected to print off or save the corresponding backup static number codes. (I guess this further option exists in case....one's trusty authenticator app is not available, not working?)

So now still trying to be proactive, is there a way to now obtain these backup codes, having already setup the authenticator app for said sites? (FWIW AEGIS is the app)
13 replies
Deal Expert
Jan 17, 2009
18712 posts
26941 upvotes
ONTARIO
As far as I know, no there isn't a way to get the pre-existing backup codes if you didn't first back them up when you turned on 2FA.

I believe the only thing you can do is go into these sites/apps where you first set up 2FA, turn it off and then turn it back on. You should be given new backup codes at that time which you can save/print.
Member
Oct 12, 2005
260 posts
44 upvotes
Markham, ON
From experience, if you do not have the QR Code or the original key you get from the service when you did the initial set up, there is no way to set up a new 2FA app. I went through disabling 2FA from all my accounts and set them up again two years ago because I had to take my phone for battery replacement and I factory-restored my phone so the people fixing the phone wouldn't have any of my data. At the time, I set up the Google Authenticator on my iPad, but I made sure I saved each QR code so I would not have to go through the exercise of disabling and re-enabling 2FA for each service in the future.

Shortly after that, I discovered the app called Authy and this app allows you to set up an account based on your phone number, and then you can set up the same app on other phones, tablets, and PCs. The only requirement to restore all your 2FA accounts is a backup password you can specify and an existing device that already has Authy so you can approve the restore and then it will decrypt all the accounts you set up after you provide the password.
[OP]
Member
Dec 13, 2006
270 posts
19 upvotes
BobSagget wrote: I believe the only thing you can do is go into these sites/apps where you first set up 2FA, turn it off and then turn it back on.
I really dont want to do that as there are too many sites. But thanks for that.
Sr. Member
User avatar
Nov 21, 2001
796 posts
105 upvotes
Markham
I use Authy for the same reason. Switched phones multiple times and haven't lost any 2FA data. They even have a desktop app.
Deal Addict
User avatar
Sep 10, 2005
4582 posts
1888 upvotes
GTA
Aegis already supports database backups. You can just export it in the settings and then save it somewhere safe. Be sure to turn encryption on.

Or you can right click on each, select edit, and the key is located under Advanced.
[OP]
Member
Dec 13, 2006
270 posts
19 upvotes
chrishch wrote: From experience, if you do not have the QR Code or the original key you get from the service when you did the initial set up, there is no way to set up a new 2FA app.
Maybe I am overthinking this as AEGIS does allow one to export/backup its vault so that one can restore the same vault to another device and so have the 2FA rise again (again with AEGIS). (And I have done such an export/backup).

I guess I was looking at having simple backup number codes so I could get into a site right away.
Last edited by 21Rouge on Nov 26th, 2020 5:12 pm, edited 1 time in total.
[OP]
Member
Dec 13, 2006
270 posts
19 upvotes
Yup Dave98. I did know about the ability to export the database.

But I didnt realize that the key for each entry can be found under Advanced. Thank you very much for that.

(Just curious 'Dave' do you write down/save each of the keys somewhere?)
Deal Expert
Jan 17, 2009
18712 posts
26941 upvotes
ONTARIO
chrishch wrote:

Shortly after that, I discovered the app called Authy and this app allows you to set up an account based on your phone number, and then you can set up the same app on other phones, tablets, and PCs. The only requirement to restore all your 2FA accounts is a backup password you can specify and an existing device that already has Authy so you can approve the restore and then it will decrypt all the accounts you set up after you provide the password.
Took a little time, but I just swapped over all my 2FA from Google Authenticator to Authy.
Deal Addict
User avatar
Sep 10, 2005
4582 posts
1888 upvotes
GTA
21Rouge wrote: Yup Dave98. I did know about the ability to export the database.

But I didnt realize that the key for each entry can be found under Advanced. Thank you very much for that.

(Just curious 'Dave' do you write down/save each of the keys somewhere?)
The Aegis back up function works fine. Sometimes I'll take a screenshot of the QR codes when setting up too but it's not necessary.
Deal Addict
User avatar
Oct 19, 2007
1295 posts
283 upvotes
45.467253°N, 75.5123…
OP, I think you're confusing saving the initial key with backup codes that can be generated even after 2FA is already setup and running. Some apps save the initial key but this is NOT a backup code. Backup codes are single-use codes to replace the 2FA code generated by the app
[OP]
Member
Dec 13, 2006
270 posts
19 upvotes
wally_walrus wrote: OP, I think you're confusing saving the initial key with backup codes that can be generated even after 2FA is already setup and running. Some apps save the initial key but this is NOT a backup code. Backup codes are single-use codes to replace the 2FA code generated by the app
Thanks for that. Looking in my authenticator app (AEGIS), every entry does show a key. Is there any reason to save the key outside of the authenticator app?
Deal Addict
User avatar
Oct 19, 2007
1295 posts
283 upvotes
45.467253°N, 75.5123…
21Rouge wrote: Thanks for that. Looking in my authenticator app (AEGIS), every entry does show a key. Is there any reason to save the key outside of the authenticator app?
Only as a backup. Having the key will work to restore the entry on any other app in case you want to move away from AEGIS. You can actually test this by installing a different 2FA app and manually restore an entry by using its key in AEGIS, then check that both apps display the same codes in sequence
Deal Addict
Jan 21, 2018
4103 posts
4192 upvotes
Vancouver
Sometimes I picture our future descendants living primitively in caves among the ruins of our digital civilization because we finally got a little too secure and someone forgot the master password. Smiling Face With Open Mouth

Generally whenever yet another service decides to implement 2FA and I have to spend 1/2 an hour struggling to get it to work again...

Top