Google Authenticator QR Decoder

A privacy-preserving decoder that extracts the otpauth:// URI from a Google Authenticator, Authy, or any other authenticator QR screenshot. The image is decoded entirely in your browser using jsQR; the secret never leaves your device. Useful when migrating from one authenticator app to another, backing up a fresh enrollment to a password manager, or recovering a 2FA setup after a phone switch.

How to use

1
Get a QR screenshot

Some authenticators let you re-display the QR (e.g. Authy "Show QR"). Or take a screenshot of the QR shown when you first enrol a new service.

2
Upload it here

Drop the screenshot or click to browse. The decoder will find the QR inside the image and extract the otpauth:// URI.

3
Verify the live code

Compare the 6-digit code shown to the one in your old authenticator. They should match.

4
Add to a new authenticator

Scan the re-rendered QR into your new app, or copy the secret into a password manager for backup.

🔥 Trending right now
🗣️ Text to Speech Video Enhancer ✂️ Trim Audio Audio Enhancer

Recover the secret behind a 2FA QR code so you can migrate accounts between authenticator apps

Drop a QR screenshot or click to browse
PNG, JPG, WebP, GIF ·
or
Loading QR decoder…

Decoded entry

— — — — — —
Refreshes in s
Scan into your new authenticator
Open Aegis, Authy, 1Password or your preferred app, choose "Add account → Scan QR", and point at the QR below.
Copied
Don't know what to try?
380 free tools — open a surprise
🎲 Surprise me

Features

Local image decoding Full otpauth:// parsing Live TOTP preview Re-render as fresh QR Paste URI fallback

FAQ

Does the image leave my device?

No. jsQR decodes the image in your browser using Canvas + WebAssembly. The file is never uploaded to any server.

Why would I want the secret?

To migrate between authenticator apps (Google Authenticator → Aegis is the most common), to back up the secret in a password manager, or to add the same account to a second device for redundancy.

Does it support HOTP?

Yes. HOTP URIs include a counter parameter, which is shown after decoding. Note that HOTP counters drift if both devices use the same secret independently.

Does it work with Google Authenticator's multi-account export QR?

Partially — the special `otpauth-migration://` URI is shown but not fully decoded. For multi-account migration, use a dedicated tool. Single-account QRs work fully.

Is this safe?

The code runs locally in your browser; you can verify with the Network tab in DevTools that no requests carry the secret. For maximum trust, run the page offline after first load.

What apps can scan the re-rendered QR?

Any RFC 6238-compliant authenticator: Google Authenticator, Authy, Aegis, Microsoft Authenticator, 1Password, Bitwarden, FreeOTP, ente Auth.

💡 Want us to improve this tool just for you?

We can — and it's free! Just send us a quick message with your idea. If you'd like to discuss it in detail, leave your email and we'll get back to you. You can stay anonymous.

You May Also Like

🔄 Bitwarden Converter 🗃️ KeePass Viewer 🔗 One-Time Secret Share 🔐 PGP Key Generator 🎲 Passphrase Generator 📊 Password Audit 🚨 Password Breach Checker 🔑 Password Generator

How do you rate this tool?

Thank you for your rating!
Want to share more? Leave a comment!
Thank you! Your comment will appear after moderation.
Who is this tool for?
💻 Developers & IT Pros 🔒 Security & Privacy
Published Updated