Using 2FA on Google? Download Your Backup Codes Now!

Akshata Shanbhag 01-10-2015

Do you have two-factor authentication What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More  (2FA) enabled on your Google account? Good. That’s smart. But don’t ignore the next important step!


Google provides a set of backup codes after you set up 2FA. If your primary authentication device is unavailable and you don’t have a backup phone on record, retrieving your Google account can be a nightmare. When this happens, there’s no way for you to receive the verification code.

That’s what these backup codes are for.

The account recovery process that Google has in place isn’t guaranteed to work. It involves recalling things like the month and year in which you set up your Google account. Can you believe that? But if you have your backup codes, you can bypass this headache.

Here’s how you can download the codes. When you’re signed into your Google account, click on your email ID at the top right. From the dropdown that appears, click on My Account.

Then follow this trail: Sign In & Security > Signing In to Google > Password & Sign-In Method > 2-Step Verification. You’ll find the backup codes in the Verification Codes tab on the next screen. Download or print them — and while you’re at it, add a backup phone number. You’ll thank us one day.



Remember that each backup code works only once, but you can always generate more if you run out.

Have you ever been locked out of your Google account because you didn’t have any backup codes handy? How did you get back in? If you have any tales of caution to share with our readers, feel free to do so in the comments.

Image Credit: jepoirrier

Related topics: Online Security, Password, Two-Factor Authentication.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Anonymous
    October 2, 2015 at 9:46 am

    I couldn't find my phone yesterday and tried to use Googles own "find my phone" via my chromebook.

    I was asked to log in to my account (for security reasons) but had to type in my 2FA number. The only there was that I use my phone for that process.


    Luckily I found my phone rather quickly but I totally forgot that I could have used the back up codes I had in a file on my google drive.

    Ig guess it goest o show that technology can only only help us so far and is no help when the human behind is being a complete idiot!

    Next time I'll try my best to remember I have back up codes to hand!

    • Akshata Shanbhag
      October 2, 2015 at 11:54 am

      Hahaha...that could happen to anyone :D

  2. Anonymous
    October 1, 2015 at 1:00 pm

    My SIM Card had expired and unfortunately had 2FA activated on my Google account using my phone number to receive verification code and without it, I can no longer access my account. Tried to different options to recover my account but to no avail. Microsoft has more options, but safer ways to recover accounts activated with 2FA.

    • Akshata Shanbhag
      October 2, 2015 at 5:40 am

      Sorry to hear that, Mel. I agree that Google's recovery process can be tricky. It isn't guaranteed to work. Have you given up on your Google account or are you still trying to get in?

      • Mel P.
        November 24, 2016 at 12:06 am

        Apologies for the late response. Yeah, I have given up my Google account. Created a new one instead. Microsoft's account recovery is now more robust. Offering more, but secured options to recover your account, including text messages and their account verification app available on android mobile phones.

  3. Anonymous
    October 1, 2015 at 5:36 am

    This is why I refuse to use 2FA. I travel all over the world 4-6 months out of the year - and I don't travel with my phone.

    I use long, complicated an unique passwords and I use my own devive (tablet) - and nowadays, email, bank, and many other websites are accessed via encrypted HTTPS. So I should only be vulnerable via 'man in the middle' attacks - and that would happen if the device itself is compromised. But that is mitigated by carefully downloading only popular AND reputable apps from Google -- and from using antimalware.

    I know it's not 100% (nothing is), but 20 years of round the world travels (ladt 5 using tablets) - and zero mishap. To me, the current setup is safe enough - without need for the hassle of 2FA.

    • Akshata Shanbhag
      October 2, 2015 at 5:36 am

      I do see the benefits of your approach. 2FA is not 100% foolproof, but if you're using it, having download codes can come in really handy.