Aegis for Android and Raivo OTP for iOS/macOS are my new recommendations for 2FA. Authy is not bad by any means – in fact, it has a couple advantages over Aegis and Raivo – cross platform availability and in-app seamless sync. If you are currently using Authy and would rather not port over your accounts to a new app (it’s quite tedious), keep using it without worry. My recommendation is changing to Aegis and Raivo because both are open source and allow for easy export of your accounts if you want to move a different app in future. Authy is closed source and does not make it easy to move your stuff off its service. Aegis and Raivo support the backup features built into Android (Google Drive backup) and iOS (iCloud), respectively.
Two-factor authentication (2FA) is a quick way to vastly improve security of online accounts. Support for 2FA is common among web services these days, and you should definitely enable it wherever available. With 2FA on, you will need an extra step of authentication besides your password to prove it’s really you accessing your account. The second authentication can be through a hardware USB key, or a one-time code generated by a 2FA app, or a one-time code sent over SMS or call. Out of these, the 2FA app is our personal recommendation, as it bypasses the expense and hassle of keeping a physical key, and also doesn’t carry the slight risk of spoofing/phishing associated with SMS codes.
There are many 2FA apps out there, and you might have heard of popular ones like Google Authenticator and Microsoft Authenticator. Both apps are fine by most measures, but they share an issue that’s common across most 2FA apps – you cannot use them on multiple devices. You can backup and move your codes from one phone to another, but you can only have them configured on one device at a time. This is where Authy comes in as a superior alternative, and why it’s our easy pick for 2FA. Authy supports most services that have 2FA like Google, Facebook, Twitter, Microsoft, and such. It allows you to sync your codes securely through a backup password and access them from multiple devices. Everything’s encrypted so Authy can neither read the codes nor retrieve them if you forget your backup password.
Switching to Authy from another 2FA app requires a few steps, but it’s not too difficult. You will have temporarily disable 2FA from the account settings, then enable it again, this time using Authy instead of your old 2FA app for the setup. Once this is correctly setup for all accounts, you’re good to delete your old 2FA app and start using Authy. Wired has a helpful article on this topic.
