To move the Microsoft Authenticator app from an old phone to a new phone safely, you need to:

1. Turn on cloud backup on your old device (if you still have access to it).
2. Install Microsoft Authenticator on your new device.
3. Restore from backup or re-add accounts manually.
4. Verify every account works on the new phone before you wipe or sell the old one.

Below is a complete step-by-step guide for both Android and iPhone, plus what to do if you no longer have your old device.

# 1. Before You Start: Important Notes

• Do not erase or reset your old phone until you:
  • Confirm all accounts are working on the new phone, and
  • Can log in with 2FA codes from the new device only.
• Some accounts (especially work or school Microsoft 365 accounts) may require admin or additional security steps.
• You’ll usually need:
  • Your Microsoft account login (https://account.microsoft.com), and
  • Access to at least one backup method (SMS, email, backup codes, or another authenticator).

Official Microsoft documentation is available here for reference:

• Microsoft Authenticator on Android: https://support.microsoft.com/account-billing/use-the-microsoft-authenticator-app-for-two-step-verification-67759f1c-0e90-4bd3-b1ba-5f9b9f93c351
• Microsoft Authenticator on iOS: https://support.microsoft.com/account-billing/back-up-and-recover-account-credentials-in-the-authenticator-app-5b223180-8b0b-4d2c-9a08-ef0a4ea1d748

# 2. Turn On Cloud Backup on the Old Phone

If you still have the old phone, enable backup so you can restore most accounts easily.

# 2.1 On Android

1. Open Microsoft Authenticator.
2. Tap the three dots (⋮) in the top-right corner.
3. Go to Settings.
4. Under Backup, turn on Cloud backup.
5. Sign in with your Microsoft account when prompted (this is what the backup will be tied to).
6. Wait until you see status like “Last backup: just now”.

The backup is stored in your personal Microsoft account (not in Google Drive).

# 2.2 On iPhone (iOS)

1. Open Microsoft Authenticator.
2. Tap the hamburger menu (☰) or menu icon in the top-left/right.
3. Go to Settings.
4. Under Backup, turn on iCloud Backup.
5. Sign in with your Microsoft account if asked.
6. Confirm a recent backup date/time is shown.

The backup is stored in iCloud, linked to your Microsoft account in the app.

Note: Some accounts (especially non‑Microsoft TOTP accounts like Google, GitHub, Binance, etc.) may or may not be fully restored depending on how they were added. Always verify them individually later.

# 3. Install Microsoft Authenticator on the New Phone

# 3.1 Download the App

• Android:
  Get it from Google Play: https://play.google.com/store/apps/details?id=com.azure.authenticator

• iPhone (iOS):
  Get it from the App Store: https://apps.apple.com/app/microsoft-authenticator/id983156458

Install, then open the app.

# 4. Restore Accounts on the New Device

# 4.1 Sign In and Restore from Backup

1. Open Microsoft Authenticator on the new phone.
2. On the welcome screen, choose Restore from backup (wording may vary slightly).
3. Sign in with the same Microsoft account you used for backup on the old phone.
4. Select the backup to restore (usually just one, from your old device).
5. Wait while Authenticator restores the accounts.

You should see your accounts appear in the app, often marked as “Requires revalidation” or similar.

# 5. Re-Verify Each Account (Critical Step)

Even after restoring, you must confirm each account actually works.

For each account in the list:

1. Try logging in to that service on a browser (for example,
   • Microsoft: https://login.live.com or https://portal.office.com
   • Google: https://accounts.google.com
   • GitHub: https://github.com/login
   • Any other site using 2FA).
2. When prompted for a code, open Microsoft Authenticator on the new phone:
   • If it’s a push approval: tap Approve or Deny.
   • If it’s a time-based code (TOTP): enter the 6‑digit code shown.
3. Confirm the login succeeds.

If any account fails:

• Re-add that account manually (see section 7. Re-Add Accounts Manually (If Needed) below).
• Update recovery options while you’re there (add email, SMS, backup codes).

Do not proceed to wipe the old phone until all critical accounts work from the new device.

# 6. Move Your Primary Microsoft Account (Personal, Work, or School)

Microsoft accounts often use number matching or push notifications.

# 6.1 Move a Personal Microsoft Account

1. Go to https://account.microsoft.com/security and sign in.
2. Under Advanced security options, find Additional security / Two-step verification.
3. Ensure:
   • Microsoft Authenticator on the new phone shows your account.
   • You can approve sign-in requests from the new phone.
4. If needed, remove the old device from your list of sign-in methods.

More info: https://support.microsoft.com/account-billing/how-to-use-two-step-verification-with-your-microsoft-account-11720fa4-06f0-4b79-b41d-3a1e6a46d62b

# 6.2 Move a Work or School (Azure AD / Entra ID) Account

If your work or school uses Microsoft 365, Azure AD or Entra ID:

1. Go to your organization’s sign-in page (e.g. https://portal.office.com or a company portal).
2. Sign in and use any existing method (old Authenticator, SMS, hardware token, etc.).
3. Go to My Sign-Ins: https://mysignins.microsoft.com/security-info
4. Under Security info, add Microsoft Authenticator on the new phone:
   • Choose Add method → Authenticator app.
   • Follow steps to scan the QR code from the new device.
5. Once the new phone is working:
   • Remove the old phone as a sign-in method.

If you get stuck, contact your IT admin—some organizations restrict authenticator changes.

# 7. Re-Add Accounts Manually (If Needed)

Some accounts will not move automatically and must be reconfigured.

# 7.1 General Steps to Re-Add Any 2FA Account

For each service (Google, Facebook, GitHub, etc.):

1. Sign in to the service’s website using your usual login.
2. Go to Security or Account Settings. Look for:
   • “Two-step verification” / “Two-factor authentication (2FA)” / “Authenticator app”.
3. Choose Change authenticator app or Set up authenticator app.
4. A QR code will appear on-screen.
5. On your new phone, open Microsoft Authenticator:
   • Tap + (Add account).
   • Choose Other (Google, Facebook, etc.) or the specific service type.
   • Scan the QR code from your browser.
6. Enter the 6‑digit code from Authenticator into the website to confirm.
7. Save any backup codes the website offers and store them somewhere safe (password manager, printed copy, etc.).

Repeat this for every important account you see in your old Authenticator that did not transfer via backup.

# 8. What If You No Longer Have the Old Phone?

If your old phone is lost, broken, stolen, or reset, you have two main options:

# 8.1 Use Cloud Backup (If It Was Enabled Before)

If you had previously turned on cloud backup:

1. Install Microsoft Authenticator on the new phone.
2. Choose Restore from backup on first launch.
3. Sign in with the same Microsoft account used for backup.
4. Restore, then test each account as described above.

# 8.2 Recover Access Using Backup Methods (If No Backup)

If you did not set up cloud backup:

1. For each service you’re locked out of:
   • Go to the login page.
   • Choose “I can’t use my authenticator app”, “Lost 2FA device”, or “Use another verification method”.
2. Use one of:
   • SMS to your registered phone number.
   • Backup email.
   • Backup codes (recovery codes) you saved earlier.
   • Security questions or other methods.
3. Once you regain access:
   • Go into the account’s Security / 2FA settings.
   • Turn off old 2FA (if needed), then turn it back on using the new Microsoft Authenticator app.
   • Scan the new QR code with your new phone.

If you have no backup methods at all, you’ll need to follow each service’s account recovery or support process. For example:

• Microsoft account recovery: https://account.live.com/acsr
• Google account recovery: https://accounts.google.com/signin/recovery
• GitHub recovery: https://github.com/password_reset

Some platforms may take several days and may ask for identity verification.

# 9. Disable Authenticator on the Old Device (After Successful Migration)

Once you’ve confirmed that all your important accounts work on the new phone:

1. Open Authenticator on the old phone.
2. Remove each account from the app (if you still have the device).
3. On each website’s Security page, verify the old device is no longer listed as a 2FA method.
4. You can now factory reset, sell, or give away the old phone safely.

# 10. Best Practices After Moving Microsoft Authenticator

To avoid lockouts in the future:

• Enable backup on your new phone right away.
• For each important account:
  • Add at least one extra method: SMS, backup email, security key, or another authenticator app.
  • Download and securely store backup codes.
• Consider using a password manager (for example:
  • 1Password: https://1password.com
  • Bitwarden: https://bitwarden.com
  • LastPass: https://www.lastpass.com)
• Periodically review your Security / 2FA settings for all major accounts.

# 11. Quick Checklist: Moving Microsoft Authenticator to a New Phone

1. On old phone:
   • Turn on cloud backup in Microsoft Authenticator.
2. On new phone:
   • Install Microsoft Authenticator.
   • Restore from backup using the same Microsoft account.
3. For each account:
   • Log in and verify 2FA from the new phone works.
   • Re-add manually for any account that fails.
4. For Microsoft / work / school:
   • Update methods at https://mysignins.microsoft.com/security-info.
5. When done:
   • Remove accounts from old Authenticator.
   • Wipe or dispose of old phone safely.

If you describe your exact situation (Android → iPhone, iPhone → Android, lost device, work account, etc.), I can outline a more specific, minimal set of steps tailored to you.