If you’d rather switch apps altogether, it’s worth noting that Authy doesn’t come with an export feature.
That’s what makes Aegis better IMO. People use it because they like it, not because they’re locked in.
So how do I go about switching away from Authy? Go to every site I have 2FA enabled and remove/readd with the new app?
Basically, yeah.
Blerggghgfghhh >:[
Thanks
You can follow the steps here to use a previous version of the desktop app to extract the keys: https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93
The javascript didn’t seem to send the extracted data anywhere, but I did disconnect from the internet while running the script.
What would possess anybody to use a 2FA service that locks you in?
Ignorance.
It’s not like they advertise “No exporting” as a feature after all.
And generally speaking when people are grabbing an authenticator app it’s because you’re either trying to sign up for a service, or you’ve been given some kind of unwelcome push to upgrade your account security. Not an environment that’s conducive to extensive research.
Spent an hour last night moving to 2FAS. Authy doesn’t make it easy – unlike their competitors, they don’t offer an export feature.
2FAS
It launched an NFT based donation program: https://2fas.com/donate/
and it is not available on F-Droid.
I’d go with Aegis for an App on Android, or a Bitwarden/KeepassXC password manager which can both handle 2fa tokens too.
I don’t like the thought of having my passwords and 2FA live in the same place - that seems to miss the point a bit.
Like your phone?
Ha, fair - and my desktop too, since I currently use the Authy desktop app. However, that’s two different sets of credentials an attacker needs to steal/bypass, and two chances to stop them in time.
You can have 2 different keys DB on keepassXC with different passwords, you can even try to save them in separate remote locations. The key points are data interoperability over different devices and its portability over different services, because the worst thing that can happen is that your favourite app, from where you cannot use or move your credentials elsewhere (like the Steam Guard app for instance), one day might stop working suddenly leaving you unable to access your accounts.
If you use Linux then OTPClient works great with Aegis since it can open Aegis export files directly. I’ve set up Aegis to make an export whenever I change something, I sync the exports automatically to my PC, and I open them with OTPClient there.
OTPClient can ask for the export password each time you open it and will close itself automatically if it’s not used for a while.
You can also use it to export the 2FA codes further in various formats, show the QR code for any of them, and all kinds of useful features like that.
Aegis is great.
deleted
You can download it straight from their GitHub, or presumably using Obtainium
yeah but F-Droid also insures the authenticity and reproducibility of the binary builds
First thing I check before I commit to something: export feature.
Yeah, this is going to be a pain in the ass. At least I have until summer.
But you found a way. How?
Literally went to every site in Authy and removed 2FA and then re-added it with the new app.
It’s an electron application so it’s possible to connect a debugger and extract the keys from there if you wish to export them.
A quick search found this and I did similar myself a few years ago when something forced me to usr authy.
Champ
Twilio, Authy’s parent company, is also moving Authy’s customer support hub to the help center on Twilio’s website after January 15th, 2024.
Twilio says it made the decision to sunset its desktop app to “streamline our focus and provide more value on existing product solutions for which we see increasing demand.” The company laid off 5 percent of workers in December 2023, and it just announced on Monday that it has replaced its CEO.
Yeah these are absolutely things healthy companies that aren’t in danger of going out of business do.
Sigh…
Authy desktop was extremely useful when my phone broke during an international trip, and getting a new one obviously took some time due to well… being abroad.
I wish more developers would click that little checkbox in AppStore connect and allow their iPhone / iPad apps to run on the Mac. It’s pretty damn handy.
Agreed. The Authy devs have done that, at least:
If you have a Mac with M1 or M2 silicon, Authy says you’ll still be able to download the iOS version of the app on your device.
This is the best summary I could come up with:
An updated support page spotted by Bleeping Computer says Authy’s app on Windows, macOS, and Linux will go away in August 2024.
However, Authy is one of the only 2FA apps available for desktop, making it an ideal choice when you want to sign into an account on your computer without having to get out your phone.
If you have a Mac with M1 or M2 silicon, Authy says you’ll still be able to download the iOS version of the app on your device.
Otherwise, Authy recommends switching to the mobile version instead, which you can automatically sync with the app on your computer.
If you’d rather switch apps altogether, it’s worth noting that Authy doesn’t come with an export feature.
Twilio says it made the decision to sunset its desktop app to “streamline our focus and provide more value on existing product solutions for which we see increasing demand.” The company laid off 5 percent of workers in December 2023, and it just announced on Monday that it has replaced its CEO.
The original article contains 260 words, the summary contains 173 words. Saved 33%. I’m a bot and I’m open source!
Ente Auth is better anyway
Does it have a desktop app and mobile app?
Edit: must be a typo I can’t find this app
I believe this is the one they’re referring to
I have been meaning to get off of them on mobile for my MFA tokens for awhile now, but haven’t been able to bring myself to go through the effort. I really need to, I have been expecting any day now that Authy was going to go subscription or go away completely once Twilio got into the equation.
I’ve had no lucky with my 7 digit exports and can’t find anywhere to reset them, but it seems these services only use authy for totp.
For my 6 digit ones I was able to export them all and move apps with this guide
https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93
There’s also a YouTube video here:
https://m.youtube.com/watch?v=n7ruB_uFcj4
One issue I had was authy kept trying to auto update from the old version any time I was in the setup process and it would cease to function, forcing me to restart it, and then it was updated.
All I did was go to the appdata folder in windows where it was installed and I found different folders for the specific version and I just opened a terminal there and ran it with the argument defined in the guide and it worked fine.
Here is an alternative Piped link(s):
https://m.piped.video/watch?v=n7ruB_uFcj4
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
deleted by creator
Good! One proprietary Electron app less on this world.
Seriously, for generating one-time codes do we really need whole web engine underneath, a network connection and whole company based on it? Those things should not weight more than a couple of kilobytes plus a vector icon.
Not sure how easy it is to get your totp seeds from authy but if you can add them to a kdbx database instead that way you can use any editor on desktop or mobile. Some popular editors are keepassdx for android, keepassxc on desktop (think all systems but could be wrong) and keepassium or strongbox on iOS. Obviously backup your databases following the 3,2,1 rule.