User guide: End of Life (EOL) for Twilio Authy Desktop app

Dasnap , 4 months ago

They've moved the EOL date up from August 19 to March 19. 5 fucking months out of nowhere. It used to be that companies would give EOL warnings a year or so in advance, but now I'm seeing "you've got a week bozo GG" more and more.

JoeKrogan , 4 months ago

Freeotp+ allows you to export your Codes só you can back them up or import them again

hoot , 4 months ago

Aegis does as well. I haven't looked at freeotp but the feature I liked about Aegis is there is no sync or recovery feature vulnerable to simjacking, like Authy was.

I wonder when they'll improve the shit MFA they've got on their Sendgrid product... it was heavily tied to Authy.

bionicjoey , 4 months ago

Anyone know how to export everything out of Authy on Android? I feel the end is in sight

_edge , 4 months ago

Unfortunately not.

akilou , 4 months ago

You can't do it. Authy's FAQ page says it's for security reasons or whatever. I moved to Aegis a bit ago and had to do them one by one.

buran , 4 months ago

This is how I did it, using my Mac laptop. You can’t do it with the phone app, but a Mac or Windows computer can.

https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93

DevCat OP , 4 months ago

Time to find a replacement, I guess.

abhibeckert , 4 months ago

I'd look for one that also does passwords. And passkeys too, since that's looking like it will replace TOTP.

Since like it or not you're going to have three credential systems to deal with, at least have all of them in one place.

nevemsenki , 4 months ago

Keepass can do all, though TOTP support is not exactly what I'd call streamlined. Still works well nevertheless.

Edit: unsure of passkey when I think about it now, but worst case someone will make a plugin for them I guess...

Chopchop , 4 months ago

My only issue with these tools is that you're putting both your passwords and the 2fa in one basket.

nevemsenki , 4 months ago

That is true, though you could keep your password and totp databases separate theoretically. I'm not sure if keeping them in say separate apps brings much benefit if your phone/pc gets compromised though, as most people would have both available on their device... totp is more about convince, it's never as secure as a hardware thing say yubikey.

tgxn , 4 months ago

Bitwarden is by far the best answer. 👌👍

Kusimulkku , 4 months ago

Since like it or not you're going to have three credential systems to deal with, at least have all of them in one place.

Not the best idea for security