Setting up Google Authenticator on your phone requires only a few steps and about 5 minutes. It has become the standard way to use 2-factor authentication (2FA) to secure your online accounts, and we’re going to walk step-by-step through the setup process.
In this Google Authenticator setup tutorial, you have the choice of either watching the video and following along…
…or scrolling through the written instructions step by step.
Most experts now agree that Google Authenticator isn’t the most secure option. It’s better than nothing, but click the link here to understand why it isn’t secure and what free alternatives exist.
In 10 minutes or less, you will install and be properly using Google Authenticator on your mobile device.
Google Authenticator Setup Tutorial (Video)
The following video on the All Things Secured YouTube channel is part of our Tech Tips Tuesday segment where we cover important changes you should start making in your online security.
Give it a quick watch:
Be sure to subscribe to the All Things Secured YouTube channel!
How to Install & Use Google Authenticator
Time needed: 10 minutes.
In order to use Google Authenticator as a form of 2-factor authentication, take note of the following steps.
- Download the Google Authenticator App
The Google Authenticator app is available on both the iOS App Store as well as the Google Play store. It’s free to download and use, so there’s no need to pay any subscription fee. I recommend you download the app on your phone instead of a tablet, since you’ll need to have the device always with you when a code is required.
- Locate 2-Factor Authentication Settings
Within the security settings of many online accounts, you’ll find an option for 2-factor authentication (2FA). Most major social platforms (Facebook, Instagram, Twitter), email providers and investment accounts will offer 2FA, but not all of them do. In the example here, you’ll see the 2-Factor Authentication settings from within Facebook.
- Scan the QR Code or Enter Code Manually
When you set up Google Authenticator for 2-factor authentication, the account security settings will either display a QR code or a 32-digit code (or both).
Click the “+” button on the top right corner of the Google Authenticator app and choose “Scan barcode”. If you only have one device, you can manually set up your 2FA codes with the code.
- Confirm 2FA Code
After the QR code has been scanned or the 32-digit code entered, you’ll see the new account show up on the home screen of the Google Authenticator app. In the account settings where you’re attempting to set up 2-factor authentication, click “Next” or “Continue” where you’ll usually be asked to confirm the code has been set up correctly.
- Use the Google Authenticator 6-digit code to Sign In
At this point, your 2-factor authentication has been configured and the app has been set up properly. Depending on your settings, you may be required to enter this 6-digit code every time you log in, every time you set up a new device or even just once every set period of days/weeks.
Pro Tips for Using 2FA Authenticator Apps
While the app itself is very simple, there are a few pro tips I’ve learned from using the app for the past couple of years.
- App Security: The Google Authenticator app does not require a password or biometric data (Face ID, Fingerprint, etc.) to open. This means that the app’s security is dependent on how well you secure your phone. Make sure you have at least a 6-digit code to unlock your phone.
- Backup Codes are Important: Scanning the QR code is by far the most convenient way to set up Google Authenticator. However, it’s important that you keep the manual code in an extremely safe place in the event that your phone gets lost or stolen. These backup codes could save you a ton of headache in the future!
- Use Multiple 2FA Options: For most online accounts, you’re not restricted to just one form of 2-factor authentication. For example, you could set up Facebook with both the Google Authenticator as well as with a 2FA security key. Either could be used to verify your account and act as a backup for each other. I use and recommend is Yubikey.
- Tap to Copy the Code: Usually, 6 digits is pretty easy to remember, but not always. If you’re logging on to an account from your phone and it requires you to open the authenticator app for a code, simply tap the appropriate code and it will be copied to your clipboard. Now you no longer have to remember it!
If you have any other tips to add here, I encourage you to share them in the comment section below!
Google Authenticator Frequently Asked Questions
There are quite a few questions that I get from people about using this app for 2-factor authentication. Let’s answer the most common ones here.
The key for Google Authenticator is the QR code or the 32-digit code provided in the 2-factor authentication settings of the online account you are trying to secure. This key can either be scanned or manually entered into the Authenticator app.
Yes, you can…although for security reasons this is generally not recommended. Simply use the same QR code or manual code provided by your online account to set up both devices at the same time and check to make sure that they provide the same 6-digit code for 2FA verification.
Because Google Authenticator does not sync data with the cloud, moving Google Authenticator to a new device requires moving each login individually over to the new device. Make sure you still have your old device handy while making this switch, or at least have the backup codes that were provided when you first setup Google Authenticator.
For the most part, yes. Using an authenticator app is better than using SMS text codes for 2-factor authentication, but not quite as secure as using physical 2FA keys. There have been reports that Android malware can steal these one-time passcodes (OTP), but this is extremely rare.
Yes! It is possible to migrate your codes to a new phone, but it usually requires access to your old phone with the Google Authenticator app. You can follow this tutorial to transfer your Google Authenticator codes to see how it’s done.
Next Steps in Online Security
Congrats on setting up 2-factor authentication on your mobile device!
This is the first of many steps that I recommend you take to start taking control of your online security and privacy. I even have a helpful checklist you can download that will walk you through the most important changes you need to make.
So what’s next? Here are a few things to consider:
- Get Better Passwords: Not every online login allows for 2-factor authentication, so creating stronger passwords is incredibly important! You can check your current password strength using our password checker tool or you can browse our list of the best password manager apps.
- Update Your Privacy Settings: You may not realize all the information you’re giving away for free to anybody who is willing to dig a bit! One of the best things you can do is change the privacy settings on your Facebook account to make sure you’re only sharing your information with the people you want to see it.
- Start Using a 2FA Key: Most experts agree that the most secure form of 2-factor authentication is using a physical key. To learn more about this, check out our 2FA security key setup tutorial.
- Monitor Your Identity: Did you know that you can download a free copy of your credit report once per year? And since there are three credit bureaus, you can do this at least once every 4 months. Make sure there isn’t anything unusual. And if you know that your data has been exposed, you should get a credit monitoring service like IdentityForce. Think of it like an home alarm system for your identity.
Timaree A Purcella says
thank you wrote everything down , now i will do it !
Josh Summers says
Awesome! I hope it works well for you, Timaree 🙂