Your Google Authenticator codes can move to a new phone, and the safest path is transferring accounts with the built-in QR export/import flow.
Getting a new phone feels simple until you hit the first login prompt and realize your 2-factor codes live on the old device. That’s the moment people get locked out, scramble for backup codes, or start resetting 2FA on half their accounts.
The good news: you can transfer Google Authenticator entries. The better news: you can do it in a way that keeps you signed in, avoids dead ends, and leaves you with a clean setup on the new phone.
This walkthrough is written for real life: cracked screens, trade-ins, SIM swaps, iPhone-to-Android moves, and the “I already wiped the old phone” mistake. You’ll get a plan that works even if some accounts refuse to play nice.
What “Transfer” Means For Authenticator Codes
Google Authenticator is a TOTP app. Each entry is a shared secret that generates rolling 6-digit codes. If your new phone has the same secrets, it generates the same codes at the same time.
So a transfer is not about “moving the numbers.” It’s about getting the underlying secrets onto the new device, safely, without exposing them and without breaking logins.
What Moves And What Doesn’t
When you transfer accounts inside Google Authenticator, you’re moving the Authenticator entries themselves. You are not changing your passwords. You are not changing the 2-step setting at each website.
That’s why a clean transfer is fast: once the entries are on the new phone, your codes keep working like nothing changed.
Why People Get Locked Out
Lockouts usually come from one of these patterns:
- The old phone is erased or traded in before the transfer finishes.
- The account was set up with another 2FA method, so Authenticator isn’t the only gate and the user can’t pass the gate to change anything.
- Codes were moved, but the user didn’t test logins before wiping the old phone.
- One or two services were never transferred and get discovered weeks later.
Before You Start: A Two-Minute Safety Setup
Do this prep while you still have the old phone unlocked. It saves hours later.
Step 1: Keep The Old Phone Active Until You Verify
Don’t factory reset yet. Don’t hand it to the carrier yet. Don’t ship it back yet. Keep it powered and unlocked until you log in to a couple of accounts using the new phone’s codes.
Step 2: Gather Your “Second Door” Options
For at least your email and your password manager (if you use one), make sure you can still sign in without the Authenticator on the old phone. That can be SMS, a passkey, a security key, backup codes, or a trusted device prompt.
You don’t need every option for every site. You just want one reliable fallback for the accounts that matter most.
Step 3: Update Both Phones And Install Authenticator
Install Google Authenticator on the new phone and update the app on the old phone. Transfers fail most often when the old app is behind and the transfer menu looks different.
Does Google Authenticator Transfer to New Phone? The Most Reliable Method
This is the built-in transfer flow. It’s designed for moving accounts by creating QR codes on the old phone and scanning them on the new phone.
Transfer With QR Codes (Old Phone In Hand)
- On the old phone, open Google Authenticator.
- Open the menu, then go to the transfer area for accounts.
- Choose the option that exports accounts and select the entries you want to move.
- The old phone will display one or more QR codes.
- On the new phone, open Google Authenticator and choose the option to import accounts by scanning a QR code.
- Scan each QR code shown on the old phone until the import completes.
If you’re switching platforms (Android to iPhone or iPhone to Android), the flow is still QR-based. The menu location may differ a bit, but the idea stays the same.
If you want Google’s step list for your device, the most direct reference is the Google Account Help instructions for transferring Authenticator accounts.
Immediate Test: Do This Before You Wipe The Old Phone
Pick two services you can safely test right away, like a social account and a work tool. Log out, then log back in using the new phone’s code.
After two successful tests, you can feel confident. Still, keep the old phone for a day or two if you can. Some “forgotten” 2FA needs pop up later.
What If You Used Sync In Google Authenticator?
Some versions of Google Authenticator can sync codes to your Google Account. If you turned that on, signing into the same Google Account on the new phone can bring entries back without QR scanning.
Sync can be convenient when a phone is lost or damaged. It can also be a trade-off: putting your 2FA secrets into a synced store changes your threat model. For a straight phone-to-phone move where you still have the old device, QR transfer stays the cleanest option.
Google’s own announcement about the feature is on the Google Security Blog post on Authenticator account sync.
Transfer Options And When Each One Fits
Not every situation is a calm “both phones on the table” move. This table maps the common scenarios to what usually works best.
| Situation | Best Transfer Path | What To Watch For |
|---|---|---|
| You have old phone, it unlocks | QR export/import inside Authenticator | Scan all QR screens; test logins before reset |
| Old phone works, screen is cracked | QR transfer with zoom and brightness up | Multiple QR pages can appear; scan each one |
| Old phone is gone, sync was enabled | Sign in to the same Google Account in Authenticator | Confirm entries match; test a login on a low-risk account |
| Old phone is gone, sync was not enabled | Use each site’s recovery or 2FA reset flow | Email account access becomes the lifeline |
| You’re trading in the phone today | QR transfer plus fast verification | Don’t erase until you pass at least two logins |
| You’re moving Android ↔ iPhone | QR transfer works across platforms | Camera permissions on the new phone can block scanning |
| One account refuses to work after transfer | Re-enroll 2FA on that service only | Some services bind to a device entry; rotate 2FA cleanly |
| You want a cleaner long-term setup | Transfer, then prune old entries | Don’t delete on the old phone until the new one is proven |
Make The Transfer Stick: A Clean Verification Routine
A transfer is only done when you can prove you won’t get surprised later. This routine keeps it simple.
Pick A “Top Five” List First
Write down five accounts where a lockout would hurt the most. People often forget the basics:
- Main email inbox
- Password manager
- Banking or payment apps
- Work identity (Microsoft, Google Workspace, Okta)
- Cloud storage
After the QR transfer, test those first. If one fails, you catch it while the old phone still exists.
Confirm Time And Time Zone Are Correct
TOTP codes depend on time. If the new phone’s clock is off, codes fail even if the secret is correct. Turn on automatic time and automatic time zone, then retry.
Don’t Delete Entries Right Away
After you verify the new phone works, you can delete entries from the old phone. Do it only after you’ve logged in to the accounts you care about.
If you keep the old phone as a backup device, set a strong lock screen and store it somewhere safe. Treat it like a spare key to your accounts.
When You Don’t Have The Old Phone
This is the tough scenario. If your old phone is lost, stolen, or wiped, Google Authenticator can’t recreate secrets that were never synced or exported.
Your path is account-by-account recovery. That can be annoying, but it’s manageable if you start with email first. Email access is the doorway to resetting 2FA on many services.
Start With Email And Your Password Manager
Get back into your email using any fallback available. Next, get into your password manager if you use one. Those two usually contain recovery links, backup codes, and the list of accounts that need attention.
Reset Or Re-Enroll 2FA One Service At A Time
Once you’re in, remove the old Authenticator entry and add a new one. Use the site’s 2-step settings area so you don’t create duplicate 2FA methods that confuse future logins.
If a service offers backup codes, store them in a safer spot than a screenshot gallery. A password manager secure note is a common choice.
Common Problems And Fixes That Work
If the transfer menu isn’t showing, the scan won’t start, or your codes fail after import, these fixes cover the usual culprits.
| Problem | What It Usually Means | Fix |
|---|---|---|
| Transfer menu looks different | Old app version or different platform UI | Update the app on both phones, then recheck the menu |
| New phone can’t scan the QR | Camera permission blocked | Allow camera access for Authenticator in phone settings |
| QR scan works, entries appear, codes fail | Device time mismatch | Enable automatic time/time zone, then retry the login |
| Only some accounts transferred | Multiple QR screens were skipped | Repeat export and scan every QR screen shown |
| Codes work on old phone, not new phone | Wrong entry imported or clock drift | Delete the broken entry on new phone, import again, verify time |
| Account shows in app, site still rejects codes | Site expects a different 2FA method | Check the site’s security settings and confirm Authenticator is the active method |
| New phone is offline | TOTP can work offline, but login flow may need internet | Connect to Wi-Fi or cellular, then retry the sign-in |
| You erased the old phone too soon | No export path remains | Use recovery options per site; start with email and backup codes |
After The Move: Tighten Things Up Without Making A Mess
Once the new phone is confirmed, a little cleanup makes future migrations easier.
Remove Dead Entries
If you see old accounts you no longer use, remove them. That reduces confusion when you scan a transfer QR and wonder which codes still matter.
Add Recovery Options While You’re Already In Settings
When you re-visit security pages, add one more fallback that you control. A security key, passkey, or backup codes can save you later.
Don’t try to overhaul every account in one sitting. Do it in batches: email and password manager first, then banking, then work tools, then everything else.
Plan Your Next Upgrade Before It Happens
The best time to prepare is when nothing is on fire. If you keep a short note listing where your backup codes live and which accounts use Authenticator, your next phone upgrade becomes routine instead of a scramble.
What To Do Right Now If You’re Mid-Switch
If your new phone is already in your hand, do this sequence:
- Install Google Authenticator on the new phone.
- On the old phone, run the built-in transfer and export accounts.
- On the new phone, import by scanning all QR screens.
- Test logins on two accounts.
- Test your “top five” accounts.
- Only then erase or trade in the old phone.
That order keeps you out of the classic lockout trap. It also keeps the work contained to one sitting, with a clear finish line.
References & Sources
- Google Account Help.“Get verification codes with Google Authenticator.”Official steps for transferring Authenticator accounts by exporting and importing with QR codes.
- Google Security Blog.“Google Authenticator now supports Google Account synchronization.”Explains the addition of account sync and what it does for moving codes across devices.