./fmski

From Google Authenticator to Aegis without root

In my quest of de-google-ifying my day to day operations I wanted to ditch Google Authenticator (GA) and swap to Aegis, a nice open source alternative.

Of course there's no simple way to export your tokens from the Google application except via an obscure QRCode that seems to be only read / decoded by the same app.
There's a way to import those tokens if you manage to download the GA database as Aegis offer an import option for that, the problem is you need a rooted device which I don't have.

I do have Android emulators on my machine though!
I started by booting one of those emulator with Google Play on them, easy enough, logged in with my Google accound, downloaded GA and imported my tokens using the QRcode from my phone app.
For the camera of the emulator to be actually your laptop webcam you need to go in the options of the emulator, advanced and then choose your webcam as the back camera then restart the emulator by doing a cold boot.
I then realised it's impossible to get the GA app data as the emulator itself is not rooted. I was a bit confused as I remember clearly looking around some internal app databases with this trick back in the days.
After some duck duck going I realised that this can only be done on Google APIs images and not the Google Play ones.
Great, so now I can just boot one of those, download the GA apk on apkmirror (yes, this should be safe) and do the same steps.

Using Android Studio and the device explorer I can now download the database located in /data/data/com.google.android.apps.authenticator2/databases/databases and open it with your favorite sqlite program (I just used the one integrated in Visual Studio Code) and you can now see all your 2FA keys!
Only left is to put that file on your phone and in Aegis go to the Settings and import from file!


Questions, remarks about this post?
Reach me on Twitter @florianmski