2FAApp Local-first security tools
Use tools

Recover account access after losing an authenticator app or device.

Lost Authenticator App Recovery

Work through backup codes, old devices, logged-in sessions, administrator help, and official recovery forms.

Start with assets you still control: backup codes, an old phone, a signed-in browser, or an administrator.
Use official recovery pages only. A support chat should never receive QR codes, otpauth URIs, secrets, or backup codes.
After recovery, replace the lost authenticator, regenerate backup codes, and review recent account activity.

Inventory what still works

Check whether you still have unused backup codes, the old authenticator device, a browser session that is still signed in, a second MFA method, or an administrator who can reset the factor. This determines whether you can recover quickly or must enter a slower identity-verification flow.

Try the least destructive path first

Use backup codes or an already-registered second factor before asking a platform to reset MFA. Reset flows often invalidate existing authenticators, trigger account holds, or require administrator approval.

Rebuild recovery before signing out

Once you regain access, bind a fresh authenticator, add a second independent method where the platform allows it, save a new recovery-code set, and revoke sessions or devices you no longer recognize.

Recovery actions

  • Open the platform's official recovery page from a known-good bookmark or search result.
  • Use one unused backup code if the login prompt offers it.
  • If a team owns the account, ask an administrator to follow the documented reset path rather than sharing codes.
  • After login, generate a new recovery-code set and mark the old set as retired.

Important limits

  • 2FAApp cannot bypass a platform's recovery policy or unlock accounts.
  • Recovery codes are not phishing-resistant and should be treated like emergency passwords.
  • Do not wipe the old phone until every important account has been tested on the new setup.

Related pages

2FA Backup Codes Guide Learn what backup codes are, where to find them, how to store them, and when to regenerate them. Authenticator Migration Helper Build a safe migration checklist for moving 2FA to a new phone or authenticator app.

Related questions

What are backup codes? Backup codes are one-time codes generated by the platform you are protecting. Store them somewhere safe and separate from the device that holds your authenticator. What should I do if I lost my phone with 2FA enabled? Use backup codes if you have them, check whether any device is still logged in, start the platform's official recovery process, and protect your phone number and email from takeover. Can I transfer 2FA to a new phone? Usually, yes, but the method depends on your authenticator and platform. Keep the old device until every important account has been tested on the new one.