I have the Google Authenticator app linked to my Google account. When I click on the cloud icon in the top-right corner of the app, I see the message: "Your codes have been saved to your Google account." This suggests that the codes are backed up to my linked Google account, so I should be able to recover them if I lose my phone.
However, after searching through my Google account, I can't find where these codes are stored. Could you help me with this?
Thanks!
recovery - Where to find Google Authenticator backup codes? - Information Security Stack Exchange
How do I recover my codes on Google Authenticator? - Google Account Community
How to retrieve a deleted google authenticator key
How can I recover lost Google Authenticator codes?
Videos
You need backup codes to "an account" not to Authenticator itself.
Authenticator has one entry for each 2FA-enabled account of yourself - without needing an account for its own use. So the concept of backup codes for GA doesn't apply.
If for example, you have an account (say GMail) that you've protected with GA-based 2FA, then you could generate backup codes for GMail, from GMail Account Management / Security menus. Since the backup codes need to be recognized by GMail, they are generated in GMail - not GA.
Same logic applies for any other account that you need backup codes for.
Edit: To backup all the accounts you have on GA, you need to backup the "App-specific secret" (usually a long hex string; or a QR Code that has the string) for each account/app. AFAIK, GA doesn't use online storage to backup your GA-enabled accounts.
I agree with you that the "philosophy" behind Google Authenticator's "only one device" is profoundly broken, because in as much as it tries to avoid "copying" the keys, it exposes you to the risk of a broken device. Electronic devices can fail. You need a backup. Happily, Google Authenticator's keys can be extracted: http://eduncan911.com/technology/hardware/google-authenticator-databases-move-copy-fix.html
Unfortunately, once a key is deleted from Google Authenticator, it cannot be retrieved. Google Authenticator does not provide a way to recover lost keys or codes. If you have lost access to your authenticator key, you will need to follow the recovery process for your Exchange Server account. This typically involves using backup codes, if you have them, or contacting your administrator or support team to reset your two-factor authentication settings.
If you do not have backup codes and cannot access your account, you may need to create a new account or follow the specific recovery procedures outlined by your organization for Exchange Server access.
Hi @Ifeanyi Udumaga
Thank you for posting your question in the Microsoft Q&A forum.
You cannot retrieve a deleted authenticator key from Google Authenticator. Once an entry is removed, the app has no way to recover or display that secret again.
You may want to review guidance in the Google Account Community on recovering lost authentication codes: I accidentally deleted my Google Auth, - Google Account Community.
This information is provided as a convenience to you. These sites are not controlled by Microsoft, and Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please ensure that you fully understand the risks before using any suggestions from the above link.
If recovery is not possible, you will need to contact your Exchange Server administrator to reset multi‑factor authentication in the configured MFA provider (for example, AD FS or a third‑party MFA solution).
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
By deletion of key, if you mean to say that you've deleted your account from Google authenticator app, you'll not be able to recover it by adb systems.
Simply go to Google my account, log in, and if it asks for authenticator pass code, choose a different methods of verification, and then either backup codes or through mobile verification (whichever you've got active). Then switch off authenticator system of verification. Again switch it on, and follow on-screen processes. Done. This is the simplest method to regain authenticator access.
Unfortunately, you cannot recover your secret keys in your Google Authenticator app. If you haven’t saved the QR codes or secret keys, you should contact the support team of service which you protect with Google Authenticator and they will help you to restore the access to your account. After this, you will be able to issue a new token. In order to avoid reoccurrence, you can use hardware tokens.