By Hugh Aver at Kaspersky

It is vital to protect accounts with two-factor authentication: If your password gets leaked (and leaks are very common), 2FA will safeguard your accounts against hacking. One of the most convenient 2FA methods is to use an app that generates one-time codes, such as Google Authenticator and the like. But what if your phone, and along with it the authenticator app, gets lost, broken, or stolen? In that case, you have several options.

Recovering the authenticator without access to your smartphone

If you no longer have access to the smartphone on which the authenticator app is installed, your next steps depend on whether you’re still signed in to the account you need to log in to on another device.

Recovering the authenticator if you are logged in to the account on another device

If you’re still logged in to the account on another device, you may be in luck. Open your account settings and reset the authenticator — that is, link it to the app on the new phone. The item you need is usually somewhere on the Security tab. For example, this option works with Google accounts if you’re logged in to even one of the company’s apps, such as YouTube.

Some (but not all) services even display the secret key or QR code of the authenticator in the settings. In that case, simply enter the secret key or scan the QR code in the authenticator app on the new device and you’re all set.

Unfortunately, this method doesn’t always work. The problem is that not all services use the same settings in the Web version as in the mobile app. The option you need might simply not be operant on the device where you’re logged in.

Recovering the authenticator without access to your account

If you’re not logged in elsewhere and you’ve lost the smartphone with the authenticator, done a factory reset, or had it stolen (basically, if you no longer have access to it), or if the above method didn’t work, you won’t be able to recover the authenticator.

What you can do now is restore access to your account. If it’s an account with a major public service (e.g., Google, Facebook, Instagram) and your account is linked to your e-mail or phone number, you can easily restore access using an alternative authentication method.

To do this, start the account login process by entering your username and password, and when you need to enter a one-time code from the authenticator app, look for a “Try another way” (or similar) link.

Select the most convenient option — most services can deliver the code by text, voice call, or e-mail —and wait for it to arrive. It shouldn’t take long, and soon you’ll be able to sign in to your account.

If the loss of the authenticator blocks your account access, for example with a corporate or small public service that lacks an automatic procedure for restoring access, contact a local administrator or support service and explain what happened. You’ll most likely need to prove you are the real owner of the account.

When you are finally able to log in to your account, link the authenticator to the app on your new smartphone — and so as not to have to repeat everything the next time you lose your smartphone with authenticator app, create a backup right away.