Transfer Authy to 1P
Authy Desktop (twillio) are set to EOL on march 19th is there a simple easy way to move / migrate OTP over to 1P easily?
I'd have to check but for at least the last year or so most OTP that I have setup I have them both in 1p and Authy using the same QR code having a good backup failsafe, some don't yet exist in 1P.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Authy does not allow importing or exporting. Their online help documentation suggests the following. I would also recommend the same approach.
- Login to the desired online account with your existing 2FA token.
- Disable 2FA in the app's site.
- Re-enable 2FA again in the app's site.
- Scan the QR code, this time in the desired 2FA App.
In your case this would be 1Password in step 4. :)
1 -
Thanks doing this exercise I am finding many now offer Passkey which is a good thing. Even got rid of some sms message methods.
0 -
Nice. I'm not fond of SMS TOTP. If what you found (passkey) is not part of the Passkeys.directory please consider suggesting it.
0 -
There's a solution written in Go that seems to be quite popular at the moment (just Google "Authy export" and you'll see it being discussed on Reddit and in blog posts all over the place, all typically leading back to work by GitHub user gboudreau), but when I exfiltrated all of my 2FA credentials from Authy two or three years ago, it didn't exist yet. Instead, I used a solution written in JavaScript called authy-extractor that, provided it still operates as well now as it did then, still strikes me as a superior approach. Using it's very straightforward command-line interface, I was able to end up with each of my accounts that had been stored in Authy both as JSON-formatted text files that contained the names I stored them as and user account IDs along with the raw TOTP seeds, but also as individual PNG files bearing the account name and containing the QR code with all the same information as the text files, so I could import them elsewhere just as I had originally to Authy with nothing more than an ordinary image viewer. I trust that opening them with a web browser instead would make for a truly painless way to get them into 1Password via the browser extension, too.
The more recent approach requires using an older version of the desktop client which included a TCP port connection for debugging in concert with the Developer Tools in a web browser to gain access to the same information, which altogether feels like more a kludge by comparison. With authy-extractor, I was able to add it to my Authy account as just another device by confirming a prompt within the Authy app, and once the extraction was complete simply deleted that extra device from my account again using just the standard built-in mechanism for doing so in the Authy app. This of course requires a computer or mobile device with the NodeJS interpreter installed and accessible from the terminal, but that seems trivial compared to futzing around with installing an old version of the desktop client and first crippling its auto-update function, configuring it to open the debugging port and then messing with the browser dev tools to pry each account loose one-by-one. I'll take being able to get them all out in a single batch anyday over that.
I hope this is still a viable alternative and helpful to those looking for a solution to this mess. I have yet to hear a good reason for Twilio's decision to deprecate their desktop client, but even if I had I would still think this whole contrived ordeal stinks.
0 -
Thank you for sharing @RogueScholar
1
