Friday, July 9, 2021 [Tweets] [Favorites]

Migrating 2FA Codes From Authy to iCloud Keychain

Dan Moren:

Nice as it would be if Apple’s new system could simply import all your codes from Authy—or other apps like Google Authenticator—it doesn’t seem as though that’s an option for that at present, which isn’t entirely surprising given the security issues involved.

[…]

I found a tip that lets you easily display all of your time-based one-time password (TOTP) setup keys from Authy using the Authy Desktop app for Mac and Google Chrome.

The end result was that I spent about an hour laboriously copying each setup code into the appropriate password entry in the Safari Technology Preview’s Password section and—just to be on the safe side—logging in to each website to make sure it worked.

I’m interested in using this feature to enter 2FA codes more easily and to sync them using iCloud Keychain, but testing it out is giving me doubts:

Previously:

Update (2021-07-09): Dave Wood:

I’m surprised Apple even added this as a feature. Just like storing 2FA codes in 1Password, it’s no longer 2FA if both factors are stored together.

1 Comment

Why would I ever want my 2FA codes in my password manager? If my master password ever got out, the attacker would have access to everything.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment