Swift2FAGenerate Code
Back to blog
2026-03-179 min read

How to Find Your Google Authenticator Secret Key

Learn where secret keys come from, when they can be recovered, and how to verify them safely with a browser-based generator.

Google Authenticator secret keysecret key recoveryGoogle Authenticator code generator

What the secret key actually is

Your authenticator secret key is the shared seed used to generate TOTP codes. It is often shown once during setup as a QR code and, in some services, also as a Base32 text string you can store manually.

After setup, many authenticator apps do not display that secret again. That is why account recovery becomes difficult if you never saved the original QR code, backup codes, or export data.

Where you can still find it

The easiest place to recover a secret is the original setup source: the QR image, the setup email, a password manager note, or the service’s security settings if the provider lets you re-open or rotate the 2FA setup.

Some services let you disable and re-enable 2FA to issue a new QR code. If you go that route, make sure you update every authenticator app and backup copy so you do not end up with multiple mismatched secrets.

How to extract it from a QR code safely

A TOTP QR code usually contains an `otpauth://` URL. If you decode that URL locally, you can read the secret key without sending the image anywhere else.

That is one reason local QR decoder tools are useful: they let you inspect the secret, issuer, and TOTP settings before you rely on the code.

What to do after you recover the key

Once you recover the secret, verify it immediately by generating a fresh code and comparing it against your authenticator app or the login prompt you are trying to satisfy.

Then store it carefully. A password manager secure note, an encrypted archive, or a documented hardware backup is usually better than leaving it only on one phone.

FAQ

Can Google Authenticator show me the secret after setup?

Usually no. You normally need the original QR code, the service dashboard, or an exported backup from the time you set it up.

Is it safe to keep a copy of my secret key?

Yes, if it is stored securely. Anyone with the secret can generate your codes, so treat it like a high-value credential.

Can I use the same secret on multiple devices?

Yes. That is exactly why saving the secret matters. Multiple authenticators can generate the same TOTP codes from the same key.

Keep Exploring

Generate a fresh code with our 2FA generator, decode an authenticator QR code, or browse more security guides below.

7 min read

How to Use Google Authenticator with Swift2FA

6 min read

Is Swift2FA Secure? What to Know Before Using a Browser-Based 2FA Generator

7 min read

What Is an otpauth URL? Format, Fields, and How It Powers QR-Based 2FA Setup