Transfer MFA to a New Phone

Before You Begin

Before transferring MFA to a new phone:

  • Keep your old phone until the transfer is complete if possible.
  • Ensure your new phone has internet access.
  • Download the required authenticator app(s) from your device’s app store.
  • If available, have your recovery codes or backup methods accessible.
  • Do not factory reset or trade in your old phone until you’ve verified you can successfully sign in using your new device.

Microsoft Authenticator

Option 1: Using Cloud Backup (Recommended)

On your old phone

  1. Open Microsoft Authenticator.
  2. Go to Settings.
  3. Enable Cloud Backup (Android) or iCloud Backup (iPhone).
  4. Wait for the backup to complete.

On your new phone

  1. Install Microsoft Authenticator.
  2. Open the app.
  3. Sign in with the same Microsoft account used for the backup.
  4. Choose Restore from Backup when prompted.

Option 2: Re-register Your MFA

If cloud backup is unavailable:

  1. Sign in to your organization’s security or account portal.
  2. Remove the old Microsoft Authenticator device (if required).
  3. Select Add authentication method.
  4. Choose Microsoft Authenticator.
  5. Scan the QR code displayed on the portal using the new phone.
  6. Complete the verification test.
  7. Confirm that sign-in works before removing the old phone.

Google Authenticator

Google Authenticator provides two common transfer methods.

Option 1: Transfer Using QR Codes (Recommended)

On your old phone

  1. Open Google Authenticator.
  2. Tap the menu (or three dots).
  3. Select Transfer accounts.
  4. Choose Export accounts.
  5. Verify your identity if prompted.
  6. A QR code will appear.

On your new phone

  1. Install Google Authenticator.
  2. Open the app.
  3. Select Import existing accounts or Transfer accounts.
  4. Scan the QR code displayed on the old phone.
  5. Verify that all accounts appear on the new device.

Option 2: Restore Using Google Account Sync

If account synchronization was previously enabled:

  1. Install Google Authenticator on the new phone.
  2. Sign in with the same Google account.
  3. Restore your synchronized authenticator accounts.
  4. Verify each account before deleting the old device.

Salesforce Authenticator

Salesforce Authenticator uses account pairing rather than QR-code exports.

If You Still Have Your Old Phone

  1. Install Salesforce Authenticator on the new phone.
  2. Sign in to Salesforce using your existing authentication method.
  3. Open your Salesforce account settings.
  4. Add or register a new authenticator device.
  5. When prompted, pair the new phone with your Salesforce account.
  6. Approve the pairing request using the old phone.
  7. Verify that login approvals are received on the new phone.
  8. Remove the old device from your Salesforce authentication methods if desired.

If Your Old Phone Is Lost or Unavailable

  1. Contact your Salesforce administrator.
  2. Request that your existing Salesforce Authenticator registration be reset.
  3. After the reset, sign in using the temporary verification method provided.
  4. Pair Salesforce Authenticator on your new phone.
  5. Complete a test login to confirm the new device is working.

Final Verification Checklist

Before retiring your old phone, confirm the following:

  • ✓ You can sign in successfully using the new phone.
  • ✓ Authentication approvals or verification codes are working.
  • ✓ All required accounts have been transferred.
  • ✓ Any backup or recovery methods have been updated.
  • ✓ The old device has been removed from your MFA settings (if appropriate).

Need Help?

If you experience issues transferring your authenticator:

  • Contact Hish
  • Do not erase or dispose of your old phone until the transfer is confirmed.
  • If your old phone is unavailable, be prepared to verify your identity before your MFA registration can be reset.