![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 53%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVF%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
If the old phone is already gone, the Authenticator app on the new phone cannot automatically “see” or copy the old sites unless a cloud backup was previously configured on the same platform (iOS→iOS or Android→Android). Use these options:
- If a cloud backup was enabled on the old phone (same OS type)
The accounts can be restored to the new phone by signing into the same backup account in Microsoft Authenticator and using the restore option. Note that:- Backups are platform-specific: an iOS backup cannot be restored on Android, and vice versa.
- If no backup was configured, or the platform changed (iOS↔Android)
Each account must be re‑added manually using its provider’s recovery process:- For Microsoft accounts, sign in to the Microsoft account Security page and add Authenticator again:
- Go to https://account.microsoft.com/security and sign in.
- Select Manage how I sign in.
- Select Add a new way to sign in or verify.
- Choose Use an app.
- In Microsoft Authenticator on the new phone, tap +, choose Personal account, then Scan a QR Code, and scan the QR shown on the security page.
- For work/school Microsoft 365 accounts, sign in to the Additional security verification or Security info page (often via office.com → View account → Security info) and follow the prompts to add the Microsoft Authenticator app as a sign-in method again.
- For non‑Microsoft sites (banks, social, etc.), use each site’s own 2FA recovery or “lost phone/new device” process to register the new Authenticator app.
- For Microsoft accounts, sign in to the Microsoft account Security page and add Authenticator again:
- If locked out of a Microsoft 365 work/school account
- Contact the organization’s Microsoft 365/Entra administrator and ask them to reset MFA so Authenticator can be set up again on the new phone.
- If the locked account is the only global admin for a business tenant, a support ticket with Microsoft’s Data Protection team is required (opened via Microsoft 365 support or by phone) so they can verify identity and restore access.
- If still signed in somewhere
If there is an active session on a PC or browser, use it to:- Turn off two-step verification temporarily (for personal Microsoft accounts) or
- Change MFA methods / re-register the Authenticator app, then sign in on the new phone and re-enable MFA.
For the future, enable cloud backup in Microsoft Authenticator so accounts can be restored easily when changing devices. Remember that backups only restore to the same device type (iOS→iOS or Android→Android).
References:
- Back up your accounts in Microsoft Authenticator
- How to add your accounts to Microsoft Authenticator
- Use a screen reader to set up and troubleshoot multifactor authentication
- Microsoft Authenticator FAQs
- Cannot authenticate with E-mail when logging into Microsoft Authenticator(iOS). - Microsoft Q&A
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A
- Severity A Situation - Locked out of global admin account (MFA) - business down - Microsoft Q&A
- Cannot unlock the Autheticator - Microsoft Q&A