Secure Your Google Account on Android: 2FA, Passkeys, and Recovery

Your Google account is the master key to everything on your Android phone. Here's the four-step lockdown.

By Adrián Vega

Published 30 January 2026 · Updated 13 March 2026 · 9 min read

Your Google account holds the keys to everything: email, photos, contacts, payment methods, the Play Store. A compromised Google account on Android is essentially a compromised life. The good news is that Google has spent the last few years making it genuinely easy to lock down.

Switch to passkeys

Passkeys replace your password with a cryptographic key stored on your device, protected by your screen lock. They cannot be phished. Visit g.co/passkeys on your phone and follow the prompts.
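
Why a passkey sign-in fails on a look-alike site, shown as an added example (not from the original article or Google's code): the checks a WebAuthn relying party runs on the origin, challenge and RP ID of an assertion. The site names and the challenge are constructed, and signature verification against the stored public key is left out.

```python
import base64
import hashlib
import json

# Constructed relying-party values for illustration only.
RP_ID = "accounts.example"
EXPECTED_ORIGIN = "https://accounts.example"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_assertion(origin: str, rp_id: str, challenge: bytes):
    """Constructed sample of what the browser and authenticator send back."""
    client_data = json.dumps({
        "type": "webauthn.get",
        "challenge": b64url(challenge),
        "origin": origin,          # filled in by the browser, not by the page
    }).encode()
    # authenticatorData: 32-byte SHA-256(rpId) | flags byte | 4-byte counter
    flags = 0x01 | 0x04            # user present + user verified (screen lock)
    auth_data = hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + (1).to_bytes(4, "big")
    return client_data, auth_data

def check_binding(client_data: bytes, auth_data: bytes, challenge: bytes) -> str:
    """Server-side checks that tie an assertion to this site and this login."""
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get":
        return "reject: wrong type"
    if cd.get("challenge") != b64url(challenge):
        return "reject: challenge mismatch"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return "reject: origin mismatch"
    if len(auth_data) < 37:
        return "reject: short authenticatorData"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return "reject: rpIdHash mismatch"
    if auth_data[32] & 0x05 != 0x05:
        return "reject: user not present or not verified"
    return "accept"

if __name__ == "__main__":
    ch = bytes(range(32))  # constructed challenge; a server uses fresh random bytes
    print(check_binding(*make_assertion(EXPECTED_ORIGIN, RP_ID, ch), ch))
    print(check_binding(*make_assertion("https://accounts.example.signin.test", RP_ID, ch), ch))
```

A password typed into the look-alike page would work on the real site; the assertion does not, because the origin recorded by the browser is part of what the server checks.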

Enable two-step verification

Even with a passkey, turn on 2-Step Verification (2SV) as a backup. Go to Settings > Google > Manage your Google Account > Security > 2-Step Verification. Add at least two methods: an authenticator app and a backup phone number, or better, a hardware security key.

Set recovery options

Add a recovery email and phone number. Without them, losing your phone can mean losing the account permanently.

Review device access

From the Security page, tap "Your devices". Sign out anything you don't recognise. Do this monthly.

Key takeaways

  • Passkeys cannot be phished and are now the recommended default.
  • Always have at least two 2SV methods.
  • Review active devices monthly.
  • Recovery email and phone are mandatory — don't skip them.

Frequently asked questions

What happens if I lose my phone with passkeys on it?
Sign in from another device with your recovery options, then remove the lost device from your account.

Is SMS 2FA still safe?
It's better than nothing but vulnerable to SIM-swap attacks. Use an authenticator app or hardware key instead.
