2FA4G Usage Guide

2FA4G lets you manage OTP tokens on your phone and move supported codes to your Garmin watch for offline access. This guide covers import methods, Garmin sync, compatibility limits, and common troubleshooting steps.

Quick Start

  1. Install Garmin Connect Mobile and pair your watch normally.
  2. Open 2FA4G on your phone and import a token.
  3. Tap the watch button in the top bar, choose your Garmin device, and install the watch app if prompted.
  4. Start sync. Supported tokens are stored on the watch and can be viewed offline.

What 2FA4G Supports

2FA4G is designed for common OTP setups used in email, developer tools, VPN access, productivity apps, and admin dashboards.

Phone-side token support

  • TOTP and HOTP
  • QR import with otpauth://
  • Google Authenticator migration QR import with otpauth-migration://
  • Manual entry for account name, issuer, secret, digits, type, counter, and period

Watch-side token support

The current Garmin watch build supports:

  • TOTP
  • HOTP
  • SHA1
  • SHA256
  • Common 6-digit and 8-digit codes

The current watch build does not sync SHA512 tokens. If you add a SHA512 token on the phone, it remains stored locally on the phone but cannot be pushed to the watch until watch support is added.

Import Tokens

Scan a QR code

Use the import button in the top bar and choose Scan QR code. Point the camera at the setup QR code provided by the service you are enrolling.

Import from a photo

Choose Import from photo if you already saved a QR image. 2FA4G will request photo access and attempt to read the QR code from the selected image.

Import from the clipboard

Choose Import from clipboard when you copied an otpauth:// or otpauth-migration:// link from another app or browser tab.

Enter a token manually

Choose Enter manually when the service gives you a secret instead of a QR code. At minimum, confirm:

  • account label
  • issuer
  • secret
  • TOTP or HOTP
  • digits
  • period for TOTP
  • counter for HOTP

Sync to Garmin

Before syncing

Make sure:

  • Garmin Connect Mobile is installed and signed in
  • the watch is connected to the phone
  • the 2FA4G watch app is installed
  • both the phone app and watch app stay available during the sync

How sync works

2FA4G sends the current active token set from the phone to the watch. The watch stores supported tokens locally, so you can read codes later without keeping the phone nearby.

Free accounts can sync up to the first 3 active tokens. Pro unlocks the full active vault for watch sync.

HOTP behavior

HOTP counters can advance on the watch when you generate codes there. On the next sync, 2FA4G merges counters to avoid moving backward.

Export for Google Authenticator

Open a token and choose to show its QR code. 2FA4G can export either:

  • a standard otpauth:// QR code
  • a Google Authenticator migration QR code

If a token uses a custom period that Google Authenticator migration cannot preserve exactly, 2FA4G will warn you before export.

Local Storage and Privacy

2FA4G stores token secrets locally on your device. When you choose to sync, supported tokens are also written to the Garmin watch. The normal product flow does not require a separate cloud account.

Purchase entitlement is checked through RevenueCat together with the App Store or Google Play billing system. See the Privacy Policy for details.

Free and Pro

Free

  • up to 3 active tokens
  • Garmin sync for those active tokens
  • full import flow on phone

Pro

  • more than 3 active tokens
  • full active-vault Garmin sync
  • no free-limit lock state for extra stored tokens

Troubleshooting

No Garmin watch appears

  • Open Garmin Connect Mobile once
  • confirm Bluetooth is enabled
  • confirm the watch is connected inside Garmin Connect
  • return to the watch sheet and refresh devices

The watch app is not installed

From the watch sync sheet, choose Install watch app and complete the Garmin Connect IQ install flow.

Sync says a token is unsupported

The most common cause is SHA512. The phone can keep the token, but the current watch build only syncs SHA1 and SHA256.

Sync times out or fails

  • Keep Garmin Connect Mobile running
  • keep the phone app in the foreground
  • open the watch app before retrying
  • refresh devices and try again

My codes look wrong

Check that the imported token matches the source service exactly:

  • correct secret
  • correct TOTP vs HOTP type
  • correct period
  • correct digits
  • correct HOTP counter

Contact

If you still need help, visit Support or email [email protected].