What Is Google Authenticator?

Google Authenticator is a free app that generates time-based 6-digit codes used as a second factor when logging into accounts. Even if someone knows your password, they cannot log in without also having the code from your phone. It works without mobile data or internet β€” codes are generated locally on your device.

How to Set Up Google Authenticator

  1. 1

    Download the app

    Search for Google Authenticator in the App Store (iPhone) or Play Store (Android). Download the free official app from Google LLC.

  2. 2

    Go to the account you want to protect

    On the website or service you want to secure (Google, Facebook, Instagram, your bank, etc), go to Security settings and look for Two-Factor Authentication, 2-Step Verification or Authenticator App.

  3. 3

    Select Authenticator app

    Choose the authenticator app option. The website will show a QR code on screen.

  4. 4

    Scan the QR code

    Open Google Authenticator β†’ tap the + button β†’ Scan a QR code. Point your camera at the QR code on the screen. The account is added to the app instantly.

  5. 5

    Enter the 6-digit code to confirm

    The app immediately starts showing a 6-digit code that changes every 30 seconds. Enter the current code on the website to confirm the setup worked.

  6. 6

    Save your backup codes

    Most services show backup/recovery codes when you set up 2FA. Save these somewhere safe β€” a password manager, printed paper in a drawer. These are how you get back in if you ever lose your phone.

If you lose your phoneWithout backup codes, getting back into 2FA-protected accounts is genuinely difficult. Always save backup codes when setting up any 2FA. Most services have an account recovery process but it can take days. Consider using Google Authenticator's built-in account backup (Settings β†’ Transfer accounts β†’ Export) to back up to another device.

Using Authenticator to Log In

When logging in to a protected account, after entering your password you will be asked for a verification code. Open Google Authenticator, find the account, and enter the current 6-digit code. You have 30 seconds before it changes β€” enter it promptly.

Frequently Asked Questions

You can transfer accounts to a new phone using Settings β†’ Transfer accounts β†’ Export in the app. You can also scan the same QR code on multiple phones at setup time to have the code on both devices. However, most people use one phone and rely on backup codes as a fallback.
Yes β€” significantly. SMS codes can be intercepted via SIM swapping attacks where someone convinces your carrier to transfer your number. Authenticator codes exist only on your physical device and cannot be intercepted remotely. Always prefer an authenticator app over SMS when both options are available.