I started using Authy to manage my 2FA tokens well over a half decade ago; I used Google Authenticator previously, but as I was starting to switch devices regularly, I needed a solution that works across several devices, iOS, and Windows. To its credit, Authy offered everything I needed of a 2FA client, so I moved all of my tokens to the service, and it has been hassle-free — until now.
Authy stores 2FA tokens associated with your account on its servers, and you'll need to set up a backup password to decrypt accounts when moving to a new device. The backup password isn't stored anywhere, and while there have been a few glitches in the past when the password wasn't recognized on a new device, resetting it on the older device and keying in the new one always did the trick.
But that dynamic changed earlier this week. I was switching away from the Pixel 8 Pro to Vivo's X100 Ultra, and when I tried to enter the backup password in Authy, it said the credentials were incorrect. So I reset them on the 8 Pro, and entered the details again on the X100 Ultra, to no avail. I figured there must be an issue with the package, so I uninstalled Authy and did a reinstall, but the same issue remained.
I switch between devices every two weeks on average, and logging in to Authy on a new phone is as routine as backing up photos while configuring a new device. So I went back to a phone I was using last month (the POCO F6) and pulled up Authy on that device to see if the new password would take. Again, the service said the password was incorrect, and no amount of clearing cache/data and reinstalling made a difference.
I have been mulling a switch to another 2FA service for a while now, but kept putting it off because of the hassle involved. While other 2FA providers make it easy to transfer data, Authy doesn't have that provision — in that sense, it is the Evernote of 2FA clients. This meant that I had to manually reconfigure 2FA on all of my accounts to move to another service.
When it comes to choosing an alternative, there are lots of great choices. Aegis Authenticator ticks a lot of the right boxes, but it doesn't work for my own use case as I need something that syncs across devices seamlessly. That's why I switched to 2FAS; the service is free and open source, has a browser extension that's ideal on Windows, and syncs via Google Drive, making it extremely easy to set up when moving to a new phone.
The best part is that you don't need to furnish a phone number to use the service, and if you want to stay anonymous, you don't need to use Drive sync. The only issue in my usage is that as it relies on Drive, you cannot set it up on iOS — this is the same issue with WhatsApp. That said, you can easily back up all 2FA tokens to a file, and use that while setting up 2FAS on an iPhone — that's what I did, and it works seamlessly.
There's also the fact that 2FAS has a clean design, and you get a widget on both Android and iOS. It excels at providing time-based one-time passwords for your accounts, and does so without needing you to share any unnecessary details. Combine that with the ease of use and its ability to work across devices, and it is now my go-to 2FA recommendation.
