We often get wrapped up in the moment of getting a new phone and forget about 2FA codes and managing our Identity…
We all need these 2FA Codes to securely manage our digital footprints so it’s important to give this some thought and plan ahead.
Your mobile – It is important and integral part of your security.
Your mobile is a critical part of your security solutions and provides important functions like running your Authenticator Apps such as the Microsoft Authenticator and Google Authenticator and gives you mobile email and access to your Teams, SharePoint, OneDrive and very often your online banking just to name a few.
Even if your mobile is your personal device (not provided by your workplace) it’s still highly likely you have Authenticators or personal data to transfer.
Follow these steps to avoid login & identity issues.
Keep your old device available until you have all your Authenticators setup and working for all your accounts.
It’s your responsibility to make sure these all work before retiring your old device and you should ensure all the important apps work and that you can get into all your important accounts. We recommend you keep your old phone until you verify you have everything working the same as on your old phone and if this means carrying two phones for a couple of days then carry two phones.
Some of your Apps will require you to sign in and verify your identity in order to add a new mobile device and this will often require you to be able to do 2FA and verify your identity. To get to that part normally means you having your old 2FA codes working. We have seen some cases where you can recover backup codes or one time passwords to an email but if that has changed or you no longer have access to your backup email etc (perhaps it was an ISP based email like a Bigpond email and you cancelled it because you changed ISP…). There’s many things to check…
What about trading your old phone ?
We generally recommend against trading in your old phone in store on a new one in store as they usually wipe the trade in device before giving you the new device.
If you need to trade in then many retailers (especiallyt Apple) offer a trade-in service via post or other means so discuss this with the sales assistant. We know when others have traded a phone in they have been given around 2 weeks grace to get the old one back to the supplier and there are options to return old devices via post.
A Checklist ?
A checklist is a sign of an organised person, when changing a phone it’s a great time to start a checklist of apps and authenticator settings for next time.
If you keep your list in a place you can easily update it as things change (like OneNote) then you can adjust it as things change and it’s there to refer to next time you change your phone.
The checklist could include:
- A list of Apps you need to check
- A list of accounts to check your logins on and which 2FA method you are using for each them
- Where you stored your 2FA recovery codes
Remember it’s not just Authenticators but some things like MyGov/MyID:
We recommend using Microsoft Authenticator (icon below) to secure your Microsoft accounts.
We recommend the Google Authenticator for all your other accounts such as Xero, MYOB, and others. This is because exporting your 2FA settings in the accounts you may have in the Google Authenticator is easier than in the Microsoft Authenticator. These have also been seen to transfer easily from one device to another.
Setting up your Microsoft Authenticator
When you connect your new phone you will have to setup your Microsoft Authenticator from scratch and then you should enable Passwordless login.
You will need to know your Microsoft Password to do this, remember your password is different to your PIN. If you don’t know your password then please contact your IT support for assistance.
Once done you should go back into your Microsoft Account and look for any Microsoft Authenticators that are on your old device and remove them.
Retiring your Old Phone
Your old phone will almost certainly contain private and confidential information all over it so to protect your identity and safeguard your data you by factory resetting and wiping your old phone.
We recommend having the store wipe it in front of you and you should see the default out of box startup experience happen after this has been done. Doing a “factory reset” yourself is not hard so if you are comfortable doing it yourself, then do that.
There are many different devices on the market but here’s links to reset an iPhone and an Android phone.