Export Google Authenticator credentials to other device 获取2FA生成密码

in security •  2 years ago  (edited)

One of my favorite exchanges has revamped and they implementing a very annoying safety feature: kicking me out of the trading page every inactive 30 minutes. The result is I have to now login10 + times a day just to login to check prices or to trade. This means I have to input 2FA code from my Google Authenticator every time to login too. Together with the stupid frequent ReCaptcha verification, every login now takes me at least 30 seconds.

There is nothing I can do with the ReCaptcha as that is one of the system design, but I can simplify the 2FA process.
The method is to export credentials of Google Authenticator to the chrome extension Authenticator.

Use this trick if:

  • You did not backup the specific app's credentials (the barcode or manual entry code) when you setting up 2FA with that app.
  • You want to get the 2FA code on a computer instead of phone.

Prerequisites:

  • You are using Google Authenticator on an android device.
  • Your device must be rooted.

Procedure:

  1. In the rooted phone, use a root file explorer to get /data/data/com.google.android.apps.authenticator2/databases/databases and copy it to the computer.

  2. In computer, use Notepad++ to open the databases file.

  3. You will see lots of "null" characters but skip it all to the bottom of the file, where you see readable text like below and the red part is your credential key.

    1.PNG

  4. Copy the credential key and insert into Authenticator extension.

    Authenticator -> Edit button -> Plus button -> Munual Entry

    2.png

    1. Now you can copy the time-based access code using just a click.

      3.png


The 2FA credential is crucial for the security obviously, that's why you should not store this information in any plain text form. Encrypt it and store it somewhere offline like the USB thumbdrive. The next time you switch your phone or even lost it, you can easily recover the access code. With root access, you can also use the Titanium Backup app to backup Google Authenticator with the credential.

You should also start backing up the credential whenever you setting up a new 2FA login for a service.


双重认证(2FA)在黑客病毒猖狂的现在已经变成必要的户口保护手段了,尤其是收藏着重金的加密货币网站更是必不可少。我使用的是 Google Authenticator,由于某个常用的交易网站由于保安原因时常会需要不断的重新登入,把手机上的 Google Authenticator 移上来电脑中的 Chrome 插件 Authenticator 会方便很多。

谁适合服用:

  • 想从电脑上快速获取 2FA 密码的人。
  • 当初没有备份某个服务生成 credentials 的人。

前提条件:

  • Google authenticator 必须运行在安卓手机上。

  • 必须使用拥有超级用户权限的安卓手机

步骤见英文部分。

谁拥有用于密码生成的 credential 就可以生成 2FA access code 登入特定的服务,所以一定做好保护功夫。永远不要保存在纯文字格式。



Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

恭喜你!您的这篇文章入选 @justyy 今日榜单 【优秀被错过的文章】, 请继续努力!

Congratulations! This post has been selected by @justyy as today's 【Good Posts You May Miss】, Steem On!

I dont have a rooted device and is using Google Authenticator. Any hope for me?

Well perhaps i should consider using other 2FA apps instead.

  ·  2 years ago (edited)

The best and easy is to root the phone. But if you are not, maybe you can try disable and re-enable 2FA on the new device. Whatever 2FA apps you are using, remember

You should also start backing up the credential whenever you setting up a new 2FA login for a service.

So you can easily switch to whatever 2FA apps on whatever devices while still pointing to the same service without the troublesome disable and re-enable way.

Thanks for the advice! Yes I'll be doing that soon. It'll be a nightmare to not have 2FA credentials saved and then suddenly either lost the app or worse, the phone.

You can go to the google official site to switch 2FA device too. But of course holding the credentials is best since you will be able to access same 2FA code using multiple devices.

Qurator
Your Quality Content Curator
This post has been upvoted and given the stamp of authenticity by @qurator. To join the quality content creators and receive daily upvotes click here for more info.

Qurator's exclusive support bot is now live. For more info click HERE or send some SBD and your link to @qustodian to get even more support.

很开心再次见到你!感谢你对 @cnbuddy 的大力支持!很开心我的成长之路有你相伴。让我们携手共创 cn 区美好的明天!欢迎为我们的大股东 @skenan 打call,注册使用由其开发的 CNsteem.com。如果不想收到留言,请回复“取消”。

Congratulations @fr3eze! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

You published a post every day of the week

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!