If your device with 2FA (two factor authentication) is lost broken or stolen, you should and most likely have to change your passwords, set up 2FA again, and get new verification codes.[1]

In other words, you should and most likely have to start from scratch again due to the way 2FA works (although you can use the same email).

You should, because you compromise your security when you lose your device (because 2FA functions on a device, even without internet).

You have to in most cases, because without backup codes for every account there is no way to recover your 2FA.

TIP: It isn’t enough to just have one backup code, for example the backup codes you get when you set up Google 2FA. To fully recover your 2FA you need to have the backup codes of each account you set-up 2FA on. This code is a security token that is a string of number and letters and/or a QR code. It is the code you use to actually set up your 2FA when you turn it on on an account.

Given the above, it can be smart to always install 2FA on more than one device or to save the backup codes you get when you set up your 2FA. As both of these tactics will help speed up the process if a device is lost, broken, or stolen.

Basically there are two types of 2FA accounts. Those that you can’t recover if you lose your device, and those encrypted on a cloud that you can.

If you can recover your 2FA, then you can go through the recovery steps.

With most types of 2FA however, like with Google 2FA, the security comes from the 2FA app being device specific.

The only way to add the same 2FA with the same codes to another device is to have your backup codes.

When you first generate your 2FA you get a security token / QR code you can use to create your 2FA and you get backup codes. You’ll want to save both of these for account recovery.

Further, every time you set-up 2FA on another account you get a security token.

If you have saved all of these you can use the tokens and back-up codes to re-create your 2FA.

With that said, if you lost your phone you compromised your security… and that means you should set up a new 2FA anyway.

Still, having the backup codes / keys can make that process easier, as you won’t have to contact support for every platform with 2FA to have it reset, you can reset it yourself.

Even better, if you have 2FA on more than one device, you can quickly switch everything to a new 2FA after losing your device without having to deal with backup codes.

Get $10 in free Bitcoin when you sign up at Coinbase and buy or sell $100 in Cryptocurrency
Citations

  1. Common issues with 2-Step Verification. Support.Google.com.