It is becoming more and more common for users to enable two-factor authentication when accessing their various accounts on the internet. Adding 2FA via a simple password provides an increased layer of security and protection against hacking and phishing attacks.
The popular Authy app has become the go-to choice for many when it comes to their 2FA authentication. Below we look at how to use Authy and get it up and running quickly to add an extra layer of security to your accounts.
Using the Authy mobile app and the desktop version
Authy works on both mobile and desktop and offers the ability to sync your different devices with each other. This means that once synced, you can use either the mobile version or your desktop when logging into a website that requires 2FA.
SEE: Password Breach: Why Pop Culture and Passwords Don’t Mix (Free PDF) (TechRepublic)
First install the mobile version. To do this, go to the iOS App Store or Google Play Store and download Authy like any other app. Make sure you download the official version of Twilio.
Once downloaded, launch the app and you will be greeted by the main setup screen. This screen will ask for your country code and phone number (Figure A).
Enter the phone number for your device and confirm. At that point, Authy must then verify your phone number by either sending a text message or an automated call. Once you receive confirmation via SMS or voice call, enter it in the space provided.
Authy is now installed on your phone and you can start adding accounts for 2FA authentication.
Set up your accounts to use Authy for 2FA
Now you should start adding specific login accounts that you want Authy to protect. This process varies slightly between different platforms and websites, but is ultimately the same across all websites.
In this example we’re using GitHub, but almost every web account works the same way.
In GitHub — or any account you want to protect — go to the Settings section for your account (Figure B). Access is usually by clicking on your account name or the three horizontal lines that show a drop-down menu.
From there, click Passwords and Authentication (Figure C). In some menus this option is called Security.
On the next page, select Enable two-factor authentication (Figure D).
At this point, most websites will ask if you want to use an app like Authy or SMS (Figure E). In this case we choose Authy.
You will then receive a QR code (Figure F). This is the code you scan from the Authy mobile app to link the two apps.
Return to the Authy mobile app. If it’s a clean install, the app just shows a + icon. Click here to add a new account. Otherwise, click the menu at the top right and select Add Account (Figure G).
The app will then tell you that it is ready to scan the QR code. Click the blue bar that says Scan QR Code (Figure H).
Then simply use your phone’s camera to scan the QR code on the screen. Authy recognizes the QR code and presents you with a six-digit PIN code to enter on the website (Figure I).
Enter this code and you have completed the process of enabling two-factor authentication with Authy. Whenever you log into this account, you will be required to enter the six-digit PIN provided by Authy.
This is a constantly changing PIN and is reset every 15 seconds. The next time you log in, you’ll need to enter the new PIN provided by Authy before the code resets. If it resets before you sign in, just use the next code presented by the Authy app. Never give this PIN to third parties.
Using Authy on desktop and syncing devices
Now that Authy is set up on your phone, you’ll want to add your desktop computer so you can log into websites without having to keep your phone handy at all times.
Start by clicking the top right corner on the mobile app and then click Settings. Then click Activate multiple devices (Figure J).
When you’re done, go to the Authy website in your desktop browser and click the download link at the top of the page. Then select your operating system – either macOS or Windows. Once downloaded, install the program on your computer like any other application.
Authy will then load after installation and the screen will be virtually identical to the mobile version you just installed earlier.
On the first screen, re-enter your phone number. Make sure it’s the same one you used to set up the Authy mobile app (Figure K).
Once entered, the Authy app will be notified on your phone and warn you that a new device wants to sync to the account (Figure L).
You will be prompted to confirm this sync by manually typing OK. Do this and you will get a confirmation page. The process is now complete and your desktop Authy is synced with your mobile version.
All accounts added with one device are instantly shared across all added devices.
Remember to enable backups for Authy
There is another crucial step in using Authy that is sometimes not enabled by default. This is to enable a backup password. This is one of the most important steps because if your phone or device is lost or damaged, there is no other way to retrieve your accounts other than using this password.
To enable this feature, go to the top right corner of the mobile app and select Settings. From there, click Enable backups (Figure M).
Note: On some new Authy installations, the prompt to enable password backups may appear when trying to add your first website account. In this case, simply create your password at this time.
This password is very important, so write it down, verify it is correct and keep it in a safe place. There is no way to retrieve or recover this password. So if you lose or forget it and your devices stop working, you won’t be able to access your website login accounts anymore.
Once you’ve set up your backup password, that’s all you need to start using Authy. If you add new accounts or devices in the future, the process will be exactly as described in the previous examples in this guide.