How to Properly Back Up Microsoft Authenticator (and Save Yourself Hours of Hassle)
We’ve seen this happen far too often.
A user upgrades to a new phone, downloads Microsoft Authenticator, signs in, and suddenly every account is missing. No authentication codes, no access to critical apps, and an urgent call to IT support. What should have been a simple phone migration quickly turns into hours of MFA resets, account recovery requests, and unnecessary downtime.
The good news is that Microsoft Authenticator includes a built-in cloud backup feature that can make transferring your accounts fast and painless — but only if it’s configured properly ahead of time.
In this guide, we’ll walk through how to correctly back up and restore Microsoft Authenticator so you can avoid losing access to your accounts.
Multi-factor authentication (MFA) is one of the most effective ways to secure your accounts. However, your authenticator app can also become a single point of failure if it isn’t backed up correctly.
If your phone is lost, damaged, replaced, or reset without a backup in place, you could lose access to:
Recovering access often means manually resetting MFA for every account one by one. Depending on the service, this can range from mildly inconvenient to extremely time-consuming.
There’s another critical detail many users don’t realize:
Microsoft Authenticator only maintains a single active cloud backup. If you install the app on a new device and sign in before restoring the backup, the app may create a brand-new empty backup and overwrite the previous one permanently.
That’s the mistake we want to help you avoid.
The setup process is slightly different depending on whether you use Android or iPhone.
On Android devices, backups are stored in Microsoft’s cloud and tied to a personal Microsoft account.
To enable backup:
Once enabled, your authenticator data will be encrypted and securely backed up to Microsoft’s cloud.
Important: Work or school accounts alone will not enable backup on Android. A personal Microsoft account is required.
On iOS devices, backups are handled through iCloud.
Before enabling backup inside Authenticator, verify the following are enabled on your device:
You can confirm this under your Apple ID settings in iOS.
Then:
Your authenticator data will now be backed up through your Apple ID and stored securely in iCloud.
Important: Microsoft updated the iOS backup process to rely on iCloud and Apple Keychain. Make sure your app is fully updated before beginning.
After setup, return to the Settings menu inside Microsoft Authenticator and verify a recent backup timestamp appears.
If you see an error message such as “Something went wrong,” it usually indicates:
Resolving these issues before replacing your phone is critical.
This is where many users accidentally create problems.
When opening Microsoft Authenticator on a new device for the first time, always choose:
before signing into the app normally.
If you sign in first, the app may generate a new blank backup and overwrite your existing backup.
If you accidentally signed in already, sign out immediately and restart the restore process.
Some accounts may display “Action required.” This is normal and simply means additional verification is needed.
If the restore option does not appear:
Once your accounts return, you may see some entries labeled “Action required.”
This typically happens with:
Simply follow the prompts to re-authenticate those accounts.
For standard six-digit authentication codes (TOTP accounts), no additional action is usually required.
A few minutes spent configuring Microsoft Authenticator backup today can save hours of frustration later.
At LI Tech Advisors, we regularly help businesses recover from avoidable MFA lockouts caused by improper phone migrations. The best defense is preparation.
Anthony has been in the MSP business since before the acronym existed. Managed IT once started as break-fix solutions and some light phone support.
Since then, he has seen the industry flourish into a landscape of platforms, cloud servers, software tools and AI . Tailoring network configurations and software stacks to the specific needs of each business.
In his current role, he focuses on proactive planning, ensuring clients can avoid potential issues altogether. This involves meticulous planning for enhanced business continuity, allowing swift resolution of any unforeseen challenges. What initially began as addressing "fires" through break-fix solutions has evolved into a proactive approach, ensuring that such issues are prevented from arising in the first place.
