Before You Begin
Before transferring MFA to a new phone:
- Keep your old phone until the transfer is complete if possible.
- Ensure your new phone has internet access.
- Download the required authenticator app(s) from your device’s app store.
- If available, have your recovery codes or backup methods accessible.
- Do not factory reset or trade in your old phone until you’ve verified you can successfully sign in using your new device.
Microsoft Authenticator
Option 1: Using Cloud Backup (Recommended)
On your old phone
- Open Microsoft Authenticator.
- Go to Settings.
- Enable Cloud Backup (Android) or iCloud Backup (iPhone).
- Wait for the backup to complete.
On your new phone
- Install Microsoft Authenticator.
- Open the app.
- Sign in with the same Microsoft account used for the backup.
- Choose Restore from Backup when prompted.
Option 2: Re-register Your MFA
If cloud backup is unavailable:
- Sign in to your organization’s security or account portal.
- Remove the old Microsoft Authenticator device (if required).
- Select Add authentication method.
- Choose Microsoft Authenticator.
- Scan the QR code displayed on the portal using the new phone.
- Complete the verification test.
- Confirm that sign-in works before removing the old phone.
Google Authenticator
Google Authenticator provides two common transfer methods.
Option 1: Transfer Using QR Codes (Recommended)
On your old phone
- Open Google Authenticator.
- Tap the menu (or three dots).
- Select Transfer accounts.
- Choose Export accounts.
- Verify your identity if prompted.
- A QR code will appear.
On your new phone
- Install Google Authenticator.
- Open the app.
- Select Import existing accounts or Transfer accounts.
- Scan the QR code displayed on the old phone.
- Verify that all accounts appear on the new device.
Option 2: Restore Using Google Account Sync
If account synchronization was previously enabled:
- Install Google Authenticator on the new phone.
- Sign in with the same Google account.
- Restore your synchronized authenticator accounts.
- Verify each account before deleting the old device.
Salesforce Authenticator
Salesforce Authenticator uses account pairing rather than QR-code exports.
If You Still Have Your Old Phone
- Install Salesforce Authenticator on the new phone.
- Sign in to Salesforce using your existing authentication method.
- Open your Salesforce account settings.
- Add or register a new authenticator device.
- When prompted, pair the new phone with your Salesforce account.
- Approve the pairing request using the old phone.
- Verify that login approvals are received on the new phone.
- Remove the old device from your Salesforce authentication methods if desired.
If Your Old Phone Is Lost or Unavailable
- Contact your Salesforce administrator.
- Request that your existing Salesforce Authenticator registration be reset.
- After the reset, sign in using the temporary verification method provided.
- Pair Salesforce Authenticator on your new phone.
- Complete a test login to confirm the new device is working.
Final Verification Checklist
Before retiring your old phone, confirm the following:
- ✓ You can sign in successfully using the new phone.
- ✓ Authentication approvals or verification codes are working.
- ✓ All required accounts have been transferred.
- ✓ Any backup or recovery methods have been updated.
- ✓ The old device has been removed from your MFA settings (if appropriate).
Need Help?
If you experience issues transferring your authenticator:
- Contact Hish
- Do not erase or dispose of your old phone until the transfer is confirmed.
- If your old phone is unavailable, be prepared to verify your identity before your MFA registration can be reset.