I’m sure a lot of people who really care about their privacy, securing their accounts in every possible way, have Two-Factor Authentication enabled.
A lot of online services these days are implementing this feature. Buffer was the last service to enable this feature after they were compromised.
For those of you who don’t know what Two-Factor Authentication is you can read my article here. I explain what Two-Factor Authentication, different types of authentication and the sites that support it.
Authy Review: Google Authenticator App alternative
Here’s my full review of the Google Authenticator app: It sucks! At one point, Google pushed an update to it’s iOS app that made all the tokens disappear. Although they did manage to quickly push another update to fix this issue and restore all missing tokens, it wasn’t the best experience for many users, who because of the issue, had to reset their Two-Factor Authentication. It’s not a fun thing to do.
I have used it for quite a while, but I hated it. I never even bothered myself to look for an alternative to this horrible app, until recently when I was scrolling down my RSS feed. I came across this article from Federico Viticci the editor in chief of MacStories.
Viticci mentions an app called Authy, which back then, I didn’t know anything about. And just like that, a love story began between me and Two-Factor Authentication all over again.
Authy is a company based in San Francisco. It’s an authentication platform in the cloud, its idea: everyone should be able to use strong authentication.
To download the free app you can click here. After you install it, there’s an easy to follow guide on how to get started with Authy. All you need to do is to put your country code, phone number and email address, after that You will be sent an SMS to your phone number to verify your account, and with that, setting up Authy is over.
Authy is designed in a way to make your token front and center, with an easy one-click option to copy the code.
All your other tokens live in a drawer on the bottom. Each has their own theme, based on the official color of each brand which makes it easy to recognize what token is this based on the color alone.
Adding an account
It’s simple, slide open the drawer at the bottom. Tap on Add account, then tap on Scan QR Code. That’s it.
Settings are divided into 3 groups: Accounts – My Accounts – Devices.
Under My Account, you will find your account information: phone number, email address, Authy ID.
Also, you will be able to set the Protection Pin and either Allow or Disallow actions in notifications. Meaning, when you get a One-Touch notification request to login into an account, you can have the ability to accept or decline the request right there from the notification.
Under Accounts, you enable or disable Authenticator Backup, Change Password and view One-Touch requests for all your accounts individually.
Last but not least, under Devices, you can enable or disable the option to allow your Authenticator Tokens to be synced across multiple devices. If this option is enabled, you will be able to manage all your devices from that setting page.
One Last Thing, for WordPress.org users!
If you are a WordPress.org site owner and you would like an extra layer of security, all you need to do is install the Authy plugin, you can find it here. Just install it, enable it, go to Authy website, sign up, follow the instruction and confirm your account. After you’ll have to create a new application inside your Authy dashboard, copy your API key, save it on your WordPress Authy plugin, enable Two-Factor Authentication in your WordPress profile account and you are all set.
You now have Two-Factor Authentication protecting your WordPress.org site.
Sure, Google Authenticator is okay but Authy is way much better. Hands DOWN. Especially for people who have multiple devices and want to sync their token across all of them.
It’s easy to use, free, and it is still being worked on despite the company being acquired back on February 24, 2015, by Twilio.