![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 8%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGG%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
There is no supported way to restore a previous Microsoft Authenticator cloud backup once it has been overwritten by a newer backup.
For Android, Authenticator keeps a single cloud backup per Microsoft account. When signing in after the reset and enabling Cloud Backup, the app created a fresh backup with the current (empty) state, replacing the prior backup. The documentation notes that if the backup is saved to the wrong account or needs to be changed, the only option is to delete the existing backup and create a new one; it does not provide any mechanism to roll back to an earlier backup snapshot.
If any of the accounts were:
- Microsoft personal accounts using only one-time password (TOTP) codes, or
- 3rd party accounts (Amazon, Facebook, Gmail, etc.) using TOTP, then those codes are only recoverable from the backup that has now been overwritten. For these, the only option is to reconfigure 2FA on each service (using their recovery methods, backup codes, or support).
If any were:
- Microsoft personal accounts with passwordless sign-in, or
- Work or school accounts, only the account names are stored in backup and sign-in is required again after restore anyway. In those cases, use each organization’s or Microsoft’s account recovery/MFA reset process to re-enroll Authenticator.
Going forward, once the correct accounts are re-added, ensure Cloud Backup is enabled under Settings in Authenticator so that a valid backup exists before any future device reset.
References: