Where Do I Find My Lost Google Authenticator key?
What is Google Authenticator?
The Google Authenticator is an app that utilizes two-factor authentication (2FA) services with the help of two algorithms. The first one is the Time-based One-time Password Algorithm (TOTP) and the other is the HMAC-based One-time Password Algorithm (HOTP). The algorithms are used for authenticating users of smartphone apps by Google itself.
The app gives users a 6-8 digit one-time password, which the users have to then type in addition to their login and password to log into Google. This applies to both Google services and other websites. Google Authenticator is also capable of generating passwords for third-party apps as well. This includes file hosting services and other software. The Authenticator was originally open-source, but its newest builds are not.
How do I use it?
Usually, you would install Google Authenticator on your smartphone. Afterward, any time you try to log into a website that two-factor authentication, you will supply your username and password to the website you're visiting. The Authenticator will generate another password, which is one time only. That same password will be separately generated by the website itself. Once you enter it you'll be able to browse as normal.
Sounds complicated, right? The way this works is the selected website will transmit a shared secret key to you via a secure channel, which will be stored in the Google Authenticator app itself. You'll need this key for any and all future visits to the website.
The benefit of this whole process is that knowing your username and password won't be enough to hack your accounts. An attacker would also need to have physical access to your smartphone and the secret key itself. This drastically reduces the chances of having your security breached.
What if I lose my Google Authenticator key?
First of all, it's recommended that you change your Google account login and password to prevent hacks while you recover your key. Here's how that can be done.
Use a backup phone.
If you have a backup phone listed Google can send the codes to it in the event you lost your main one.
Sign in from your computer.
If you're logged into your Google account on your computer you might be able to disable the two-step verification until you can get back your verification key.
Get a new phone.
You may be able to get a phone or SIM card with the same number depending on your chosen carrier.
Fill out an account recovery form.
This is the hardest and longest step. It's generally a last resort.
- Sign in to your Google account.
- Navigate to the verification code page.
- Select "More options".
- Click "Get help".
- Then "Request Google's help".
Take your time to fill out the form. It will be based on the things Google knows about you, like when you created your account, which services you use etc. Be careful and be honest with each question.