Two-factor authentication has become an essential security precaution for many people, but it can also be a source of anxiety. When you change or upgrade phones, Google Authenticator doesn’t migrate codes automatically—you need to do that manually.
两因素身份验证已成为许多人必不可少的安全预防措施,但它也可能会引起焦虑。 更换或升级手机时,Google Authenticator不会自动迁移代码-您需要手动进行。
Thankfully, it’s not difficult to move Google Authenticator codes from one phone to another, although, admittedly, it can be somewhat cumbersome and time-consuming. Google intended this, more or less, by design. It shouldn’t be too easy to retrieve authentication codes from anywhere except the device you’re using for your two-factor authentication, or the whole value of 2FA would be moot.
值得庆幸的是,将Google Authenticator代码从一部手机转移到另一部手机并不难,尽管可以承认,这可能有些麻烦且耗时。 Google或多或少是故意设计的。 除了要用于两因素身份验证的设备之外,从任何地方检索身份验证代码都不应该太容易,否则2FA的全部价值将无济于事。
Nonetheless, here’s what you need to know to get Google Authenticator (and all of your authentication codes) from an old phone to a new one. Whether you’re jumping platforms or staying within your iOS or Android universes, the process is the same.
尽管如此,这是从旧手机到新手机的Google身份验证器(以及所有身份验证代码)的了解。 无论您是跳平台还是停留在iOS或Android Universe中,过程都是相同的。
将Google Authenticator移至新手机 (Move Google Authenticator to a New Phone)
First of all, don’t do anything to the copy of Google Authenticator on your old phone. Leave it be for now, or else you might get caught without a way to enter 2FA codes before the new phone is set up. Start by installing Google Authenticator on your new device—either Google Authenticator for iPhone or Google Authenticator for Android.
首先,不要对旧手机上的Google Authenticator副本执行任何操作。 暂时将其保留,否则在设置新手机之前,您可能会被困而无法输入2FA代码。 首先在新设备( 适用于iPhone的 Google Authenticator或适用于Android的 Google Authenticator)上安装Google Authenticator。
Next, you’ll need your computer. Open Google’s 2-Step Verification page in a browser and log into your Google account when it asks you. In the “Authenticator app” section of the page, click “Change Phone.”
接下来,您将需要计算机。 在浏览器中打开Google的两步验证页面 ,并在询问您时登录到您的Google帐户。 在页面的“ Authenticator应用程序”部分中,单击“更改电话”。
Choose the kind of phone you are migrating to and click “Next.”
选择您要迁移到的电话的类型,然后单击“下一步”。
You should now see the “Set up Authenticator” screen, complete with barcode. Open Google Authenticator on the new phone and follow the prompts to scan the barcode. Tap “Setup,” and then “Scan a Barcode.”
现在,您应该看到“设置身份验证器”屏幕,其中包含条形码。 在新手机上打开Google Authenticator,然后按照提示扫描条形码。 点击“设置”,然后点击“扫描条形码”。
After the scan, you’ll want to enter the one-time code to verify it’s working.
扫描后,您需要输入一次性代码以验证其是否正常运行。
转移其他网站的Google Authenticator代码 (Transfer Your Google Authenticator Codes for Other Sites)
Congrats! You’ve now moved Google’s authentication code to the new phone, but that’s all; the only service you’ve set up is Google. You probably still have a slew of other apps and services connected to Google Authenticator—perhaps Dashlane, Slack, Dropbox, Reddit, or others. You’ll need to migrate each of these, one at a time. This is the time-consuming part we alluded to earlier.
恭喜! 现在,您已经将Google的身份验证代码移到了新手机上,仅此而已。 您设置的唯一服务是Google。 您可能仍然有许多其他与Google Authenticator连接的应用程序和服务-也许是Dashlane,Slack,Dropbox,Reddit或其他。 您需要一次迁移每个迁移。 这是我们前面提到的耗时的部分。
But the overall process is straightforward, even if you need to hunt around a bit for the settings. Pick a site or service that’s listed in your old copy of Google Authenticator (on the old phone) and log into its website or open the app. Find that site’s 2FA setting. It’s probably in the account, password, or security section of the website, although, if the service has a mobile or desktop app, it might be there instead. Case in point: The 2FA settings for Dashlane are found in the desktop app, not the website, while Reddit puts the 2FA controls on the site in the “User Settings” menu, on the “Privacy & Security” tab.
但是,即使您需要花些时间进行设置,整个过程也很简单。 选择旧版Google Authenticator(在旧手机上)列出的网站或服务,然后登录其网站或打开该应用。 查找该站点的2FA设置。 它可能在网站的帐户,密码或安全性部分中,但是,如果该服务具有移动或桌面应用程序,则可能在该位置。 恰当的例子:Dashlane的2FA设置位于桌面应用程序中,而不是网站中,而Reddit则将2FA控件放在站点上“隐私和安全性”选项卡上的“用户设置”菜单中。
Once you find the right controls, disable 2FA for this site. You’ll probably need to enter the password for the site, or possibly the authentication code, which is why you’ll want to have the old phone and its copy of Google Authenticator handy.
找到正确的控件后,请禁用此站点的2FA。 您可能需要输入该网站的密码,或者可能需要输入验证码,这就是为什么要方便使用旧手机及其Google Authenticator副本的原因。
Finally, re-enable 2FA, this time scanning the QR code with Google Authenticator on the new phone. Repeat that process for each site or service listed in your old copy of Google Authenticator.
最后,重新启用2FA,这次使用新手机上的Google Authenticator扫描QR码。 对旧版Google Authenticator中列出的每个网站或服务重复该过程。
一次在多台设备上启用2FA (Enable 2FA on More Than One Device at a Time)
In a perfect world, 2FA allows you to confirm your credentials using a mobile phone or some other device that you carry with you all the time, which only you have access to. This makes it very hard for hackers to spoof the system, because (unlike getting codes via SMS, which is not especially secure) there’s no easy way for bad guys to get their hands on a second-factor authorization delivered via a local app that exists only in your pocket.
在理想的环境中,2FA允许您始终使用随身携带的手机或其他设备来确认您的凭证。 这使黑客很难欺骗该系统,因为(与通过SMS来获取代码不同,后者并不是特别安全),坏人没有容易的方法来获得通过现有本地应用程序提供的第二因素授权只在你的口袋里。
Here’s what’s happening behind the scenes. When you add a new site or service to Google Authenticator, it uses a secret key to generate a QR code. That, in turn, informs your Google Authenticator app how to generate an unlimited number of time-based, one-time passwords. Once you scan the QR code and close the browser window, that particular QR code can’t be regenerated, and the secret key is stored locally on your phone.
这是幕后发生的事情。 当您向Google Authenticator添加新的网站或服务时,它会使用密钥生成QR码。 进而通知您的Google Authenticator应用如何生成无限数量的基于时间的一次性密码。 扫描QR码并关闭浏览器窗口后,将无法重新生成该特定QR码,并且密钥已本地存储在您的手机上。
If Google Authenticator were able to sync across multiple devices, then the secret key or its resulting authentication codes would have to live in the cloud somewhere, rendering it vulnerable to hacking. That’s why Google doesn’t let you sync your codes across devices. However, there are two ways to maintain authentication codes on multiple devices at once.
如果Google Authenticator能够在多个设备之间同步,则密钥或其生成的身份验证代码将必须存在于云中的某个地方,从而使其容易受到黑客攻击。 这就是为什么Google不允许您跨设备同步代码的原因。 但是,有两种方法可以同时在多个设备上维护身份验证代码。
First, when you add a site or service to Google Authenticator, you can scan the QR code onto multiple devices at once. The website that generates the QR code doesn’t know (or care) that you’ve scanned it. You can scan it into any number of additional mobile devices, and every copy of Google Authenticator you scan from the same barcode will generate the same six-digit code.
首先,当您将网站或服务添加到Google Authenticator时,可以一次将QR码扫描到多个设备上。 生成QR码的网站不知道(或不在乎)您已扫描它。 您可以将其扫描到任意数量的其他移动设备中,并且从同一条形码扫描的每个Google Authenticator副本都将生成相同的六位数代码。
We don’t recommend doing it this way, though. First of all, you’re proliferating your authentication codes to multiple devices that can be lost or stolen. But, more importantly, since they’re not really in sync, you run the risk of getting the various devices out of sync with each other. If you need to turn off 2FA for a particular service, for example, and then only re-enable it on one device, you may no longer know which device has the most current and correct authentication codes. It’s a disaster waiting to happen.
不过,我们不建议这样做。 首先,您正在将身份验证代码扩展到可能丢失或被盗的多个设备。 但是,更重要的是,由于它们并非真正同步,因此存在冒着使各种设备彼此不同步的风险。 例如,如果需要关闭特定服务的2FA,然后仅在一个设备上重新启用它,则可能不再知道哪个设备具有最新和正确的身份验证代码。 这是一场灾难,等待发生。
使用Authy使其更容易 (Use Authy to Make This Easier)
It is possible to sync your authentication codes across devices—you just can’t do it with Google Authenticator. If you want the flexibility of having all of your 2FA codes on multiple devices, we recommend Authy. It works with all the sites and services that use Google Authenticator, and it encrypts the codes with a password you provide and stores them in the cloud. This makes multiple devices and migration much easier, and the encrypted cloud-based sync offers a balance of security and convenience.
它可以跨同步您的认证码的设备,你就不能与谷歌身份验证做到这一点。 如果要灵活地将所有2FA代码存储在多个设备上, 建议使用Authy 。 它可与所有使用Google Authenticator的网站和服务一起使用,并使用您提供的密码对代码进行加密并将其存储在云中。 这使多个设备和迁移变得更加容易,并且加密的基于云的同步提供了安全性和便利性之间的平衡。
With Authy, you don’t need to set up two-factor authentication for all your devices every time you move to a new phone. We recommend making the switch from Google Authenticator to Authy to make the new-phone migration process easier in the future.
使用Authy,您不必每次移动到新手机时都为所有设备设置两步验证。 我们建议从Google Authenticator切换到Authy,以便将来简化新手机的迁移过程。
翻译自: https://www.howtogeek.com/425994/how-to-move-google-authenticator-to-a-new-phone-or-multiple-phones/
3826
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
