Google Authenticator is free, works offline, and is supported by virtually every service that offers 2FA. Here's proper setup — including the backup step 90% of guides skip.
Installation
Free on iOS (App Store) and Android (Google Play). Install before proceeding.
Enable on a Service (Gmail Example)
- Google Account → Security → 2-Step Verification → Get started
- Scroll to "Authenticator app" → Set up
- Open Authenticator → tap + → Scan QR code
- Scan the code on screen
- Enter the 6-digit code to verify
⚠️ The Step Everyone Skips: Save the Secret Key
Behind every QR code is a Base32 secret key — the actual cryptographic secret generating your codes. Lose your phone without saving it and you're locked out.
During setup, look for "Can't scan QR code?" or "Show key." Copy the Base32 string and store it in your password manager alongside your password.
Save Backup Codes
Most services provide 8–10 single-use backup codes. Download and store offline — print, USB, or secure note.
Lost Your Phone?
- Use a saved backup code
- Use your Base32 key in another authenticator app or ZeroPhantom's 2FA generator
- Contact the service's account recovery (can take days)
Generate codes without your phone — free browser TOTP generator →