Name:
Issuer:
Type:
Counter:
Press Enter or Space to copy.
One-Time Password Secret Extractor
This tool extracts One-Time Password secrets from the Google Authenticator or LastPass Authenticator apps. There is no software to install, and no data ever leaves your device.
All processing of your QR codes and secrets happens entirely offline, locally, right here in your browser.
This tool reads QR codes from Google Authenticator or LastPass Authenticator's export feature and gives you back the original secret for each account. You can then use these secrets to import your accounts into any other authenticator app.
1. Export from your One-Time Password App
Export from Google Authenticator
- Open the Google Authenticator app on your phone.
- Go to the menu and select "Transfer accounts" > "Export accounts".
- Select the accounts you wish to export.
- Take a screenshot of each QR code that is displayed.
Export from LastPass
- Open the LastPass Authenticator on your phone.
- Click on the cog and select "Transfer accounts" > "Export accounts to QR code".
- Take a screenshot of each QR code that is displayed.
(For lastpass, you can also choose "Export accounts to file" and upload that instead. This tool supports both formats.)
2. Extract Secrets
- Click "Select QR Code Image(s)" or drag and drop your screenshot(s) onto the page.
3. Use Your Secrets
- The tool will display the extracted OTP secrets, each with its own QR code and secret key.
- You can now import these secrets into your preferred authenticator app or password manager.
Google Authenticator lets you transfer your accounts to a new phone, but it doesn't provide an easy way to export them to other apps like 1Password or Bitwarden. This is because it hides the original "secret" (the QR code you first scanned) for each account.
Without these secrets, moving to a new password manager means manually re-configuring 2FA for every single account, which is a huge pain.
While other tools exist to solve this, they often require technical steps like running scripts or installing software. This tool is designed to be a simple, secure solution that anyone can use.
You provide screenshots of the QR codes from Google Authenticator's export feature. This tool reads those QR codes—right here in your browser—and gives you back the original secret for each account. You can then use these secrets to import your accounts into any other authenticator app.
Yes. Security and privacy are the top priorities. Nothing you do here ever leaves your computer or mobile device. All processing happens locally, offline, right in your browser. Your QR code images and secrets are never sent to any server.
This tool is open-source and the code can be inspected by anyone, to verify its safety and methodology. It is hosted on GitHub pages, providing a secure and transparent deployment process.
Google Authenticator makes it difficult to view the original secrets used to set up your accounts. Instead, they provide an export QR code that bundles all your accounts together. This makes it easy to transfer to a new device, but difficult to switch to a different authenticator app. LastPass also provides individual QR codes for each account, which is a huge improvement, but it only provides the text secrets in a JSON code format. In contrast, apps like 1Password make the original secrets easily accessible, allowing for simple transfers to other 2FA apps.
That's a great question, and one that others, have asked. One reason given is a concern that Google's export format might change. However, this format has been stable for years, and other apps (like Aegis Authenticator) support it without issue. It seems password managers like 1Password could easily support direct imports, but have chosen not to.
LastPass puts all of your accounts together into one QR code, and if you have many accounts this can make the details of the code hard to read. Google Authenticator works around this issue by providing more than one code, each containing a few accounts. Luckily, LastPass allows you to export a json file, which this tool can also read, so just upload that instead.
This tool was created by Matthew Carroll, a developer who was frustrated with the process of migrating OTP codes from Google Authenticator into 1Password.
This tool builds on the work of several open-source projects, including:
- Extract OTP Secrets, the python script by Roland Kurmann, on which this tool is based.
- Aegis Authenticator and Chris van Marle, for the export protobuf specification.
- Google Authenticator Exporter, another python script solution to the same problem.
The user interface and QR code processing are powered by these open-source libraries:
- jsQR for decoding QR codes from images.
- pica for high-quality image resizing.
- protobuf.js for decoding the Google Authenticator data payload.
- qrcode for generating new QR codes for each account.
- thirty-two for Base32 encoding the OTP secrets.
- Font Awesome for the icons used in the UI.
Thank you to all the contributers to these excellent projects!
Gemini Code Assist was used during the development of this tool. All AI-generated code has been carefully manually reviewed.
For the people and places you love
The development of this tool was made possible in part through the support of Stand.earth. If you find this useful, please consider making a donation to support Stand's work.
or drag and drop files here
QR: