
When I bought a new phone and moved all my stuff over from a backup of my original phone, apparently the Google Authenticator doesn’t back something up.

When I launched GA all of my 2FA data was gone.

Thankfully I had my backup codes. And I could also still use the old one on the old phone. But the nightmare potential is quite high.



Aegis [1] seems to be a great alternative, at least on Android. Besides a search bar, it allows you to back up or export all your entries in an encrypted vault. You can also include them in the Android cloud backups.

[1] https://github.com/beemdevelopment/Aegis


An alternative in situations where OTP-only is allowed. E.g. I work as a freelance contractor and every single customer requires MFA with GPS tracking. Some also require accessing Bluetooth on the phone.


For a long time GA had no method to back up or extract the data. It also excluded itself from ADB backups. One had to root their phone to extract the data.


Google Authenticator is absolutely horrible. Until recently there was just no way to back it up, at all. If you were getting rid of your phone, well, tough shit.


You just need to export it using QR codes. My keys were paginated into 11 QR codes when transferring devices.

They now have cloud sync, which I don't really think is a good idea. But it solves your problem of migrating devices. However I've already moved on to Aegis, because I'm done fling scrolling through my Mahabharata of TOTPs to find the correct account.


> apparently the Google Authenticator doesn’t back something up.

This is widely known and IMO a very good argument to use a different TOTP/2FA app than Google Authenticator. There's plenty out.

Personally I use Bitwarden pro, which lets you add TOTP keys directly to the account you're using it for, integrating it into the login-process. Very smooth.

And it syncs/backs up across all my devices.


One could say you shouldn't store the 2FA along with your password.


Not the parent, but I look at it this way…

Something I have: the database file.

Something I know: the master password to that file.

I figure the spirit of the advice is preserved for the most part. (Doesn’t keep me awake at night, anyway.)


But 2FA on a phone had been awkwardly okay. Could be because it's just too silly that adversaries can't take it seriously, but it's been okay.


Yes, I was shocked by this too moving phones many years ago. I’m surprised things haven’t improved. I switched to 1Password for this reason; it backs up the 2FA seeds, and I only use it for storing the 2FA seeds, and when I need to use it, I copy-paste the numbers, and I don’t use it for passwords, retaining most of the 2FA factor separation. Switching phones worked (after entering my login, pw, and long master key in the new 1P install).

(My passwords are copy pasted from somewhere else, so admittedly not 2 different factors, but at least 2 independent ones.)

So in short, even though I probably use 1% of the 1P functionality, I can recommend 1P for replacing GA.



