In this post, you will learn how to set up Authy authentication app to get your 2FA codes both on your mobile devices and computers.
With all the hacking going on and passwords not being enough to stop hackers from account hijacking, one of the most powerful steps you can take to secure your online accounts is to start using two-factor authentication (2FA) NOW.
Of the several great two-factor authentication apps one can use (Authy, Google Authenticator, Duo mobile, etc), Authy stands out and for good reason.
Important: You can use Authy for 2FA anywhere Google Authenticator can be used for 2FA. Just that many sites will only include or mention Google Authenticator in their 2FA instructions.
Now, before we continue, here is my mini rant on why you should choose to use Authy over Google Authenticator. (I was not paid to write this).
Authy vs. Google Authenticator (Why you should choose Authy)
Although all two-factor authentication apps work in a similar fashion, Authy is more feature-rich and polished.
One of Authy’s many useful features, and for which I personally recommend it, is that it allows for encrypted cloud-backups of your 2FA tokens. This makes it super easy to restore that backup to a new phone if you ever change or lost it. This is much more like how a typical online password manager works.
On the other hand, Google Authenticator has no encrypted backups, hence once you lose or change your phone you lost everything. You’ll have to go in and manually set up your accounts all over again. If you are new to 2FA, that’s a huge hassle you want to avoid.
Additionally, the encrypted backups Authy takes allows your codes to be synced to all the other devices you have Authy installed. And if you are working on your computer, and your phone is not within reach, you can use still generate your tokens through the Authy Chrome App for PCs. How awesome is that!
Whereas Google Authenticator lives on one and only one device – the mobile phone which you registered with. In other words, the same Google Authenticator account cannot be used on more than one mobile device let alone on a computer.
Actually to compare Google Authenticator to Authy would be unfair, because with Google Authenticator there is too much to be desired. I am just going to end it here because I think we have a clear winner. But if you’d like to find out ALL the places where Authy beats Google Authenticator, check out this post.
How to Set Up Authy App for 2FA
The Authy App for PCs can, therefore, be used on any desktop Operating System – Windows, MAC, and Linux – although you have to install Chrome. But if for some reason you do not like Chrome or Google in general, you can still use Authy’s native desktop downloads for MAC and Windows only.
Set up Authy on Android (and iPhone)
To set up Authy for 2FA on your Android device follow these steps (which should be the same for iOS users):
Step 2: Open the app and you will be prompted for a phone number. Enter your cellphone number.
Step 3: Your email will be requested as well if this is the first time you are creating an account. Enter your email address.
Step 4: Authy will now verify your account with a registration code. Choose how you want to receive the code – SMS, phone call, or existing device (this is for when you are registering a secondary device, your primary device can verify the new device).
Set Up Authy Chrome App on Desktop and Laptops
Step 2: Enter your cellphone number and Authy will proceed to verify your account with a registration code. Choose to receive the code via SMS, phone call or an existing device (you’ll receive a prompt on another device where your Authy account is currently signed in).
Note: You must use the same cellphone number you use for Authy on your mobile phone and other devices.
After verification, your computer will gain access to your Authy account, and you’ll have all your backed up authenticator accounts (tokens) synced with your computer.
Step 3: Now you will need to input your Backups Password to see the tokens. Enter the Backups Password once for an Authenticator account and all the other authenticator accounts will be unlocked.
You will now be able to do everything you can do on the Authy mobile app on the Authy Chrome app. Any changes you make will reflect on all your other Authy accounts because they are synced.
Alright. That’s all you need to set up Authy both on your mobile phone and computer.
You can now start using Authy as your 2FA engine even though the website may expressly ask you to use Google authenticator, Authy will work just fine.
The last thing you need to know is how to Backup and sync your Authy codes, and also how to set up all the different Authy passwords there is. The following section covers all of these in one fell swoop 🙂
Authy Security Passwords and How to Set them up
There are 3 kinds of passwords on the Authy app and here are what they do and how to set them up:
1. Authy Backups Password
As the name implies, this is the password that is used to encrypt your 2FA tokens backups.
When you enable backups (which is optional) on your Authy app, the backups password encrypts all your tokens and uploads them to be securely stored on cloud servers owned by Authy.
This is done so that in the event you lose or change your phone, you can retrieve this backup securely and continue on another device as though nothing happened.
Important: If you ever forget your backups password, your account tokens will be permanently lost. The backups password cannot be retrieved or reset (because Authy never collects it). This is why you must write it down somewhere safe.
Set up Authy Backups Password
Open the Settings Page on your Authy mobile app, slide to the “Accounts” tab and toggle the “Backups” button to switch it ON.
On the Backups Password page enter your desired password twice to confirm it, and tap “Enable Backups” to finish.
If you have any authenticator accounts set up, this step will immediately change their status from “Not backed up” to “Backed up”.
2. Authy Mobile App Protection PIN
The App Protection PIN is a 4 digit passkey for your Authy app on Android and iOS.
Once enabled, the App Protection PIN locks your app so others will not be able to access your tokens if they were to gain access to your physical device.
The App Protection PIN also supports fingerprints on supported Android devices, and Touch/Face ID on supported iOS devices.
Important: If you ever forget your PIN, any 2FA account tokens that have not been backed up will be permanently lost. However, users can recover their Authy account by following the instructions listed here.
Set up Authy Mobile App PIN
On the Authy mobile app settings page, under “My Account”, tap “App Protection”.
Now choose a new 4 digit App Protection PIN of your choice. Re-enter PIN to confirm.
3. Authy App Master password
The Master password provides an additional security layer for your Authy 2FA tokens on the Desktop and Chrome Apps.
Once enabled, the Master password will encrypt your tokens whenever the Authy App is opened, or when your computer goes idle. If a malicious hacker somehow gains access to your computer (for example, when you leave your PC at your office unlocked and step out), they would need the Master password to gain access to your tokens.
Important: If you ever forget your master password, any 2FA account tokens that have not been backed up will be permanently lost. However, users can recover their Authy account by following the instructions here.
Set up Authy App Master Password
Like I mentioned before, the Authy master password can only be set on the Chrome and Desktop Apps. I will show how it’s done on the Authy Chrome App.
Open the Chrome App, click Settings (gear icon) > Account. Inside the “Master Password” box, set a new master password (must not be less than 6 characters).
Take Authy for a spin! If you have not used Authy before, here is a great example of adding 2FA to a Facebook account using Authy.
Now, there’s no doubt that this extra layer of second-factor authentication after using your normal password will take away from your convenience, but it’s worth having it.
If you value your security and privacy at this time and age, you should absolutely be using 2FA.
Lastly, and very importantly, if you are new to 2FA, you should not even waste your time trying out two apps, just stick with Authy.
Over to you…
What two-factor authentication app will you use if you decide to start using one?
Will you use the Authy App for 2FA or Google Authenticator? Share your thoughts with others in the comments.
Also, don’t forget to share this post with your friends using one of the social sharing buttons below.