Just use https://getaegis.app/ it is more secure https://discuss.privacyguides.net/t/security-and-privacy-failures-in-popular-2fa-apps/18220 than any authenticators out there.
Using Authy adds more attack vector to GrapheneOS users https://www.androidauthority.com/authy-2fa-api-hack-3457429/
You should absolutely get in contact with them and complain.
I just did this, and was forced to register a Twilio account before being allowed to contact Twilio/Authy Support.
I've abandoned Authy for Aegis.
horde It's missing the point of the article, though. It's not about Authy, though I imagine some people are forced to use it by their work environment etc.
The larger issue here is apps doing this in general, not any one app in particular. Play Integrity itself needs to change or be regulated out of existence.
matchboxbananasynergy Is the GrapheneOS team optimistic about the future regarding Play Integrity?
You may find this post on Mastodon helpful:
https://grapheneos.social/@GrapheneOS/112878070618462132
By the way, there is also a discussion that is about the topic you asked about:
https://discuss.grapheneos.org/d/14585-action-against-google
Murcielago Thank you bro!
I have another potential work around that worked for me. I setup Authy in an Android Emulator called Genymotion. It is naturally rooted (I had already installed Authy a while back, so I don't know if it can be installed now - but I will check on that when I am ready to delete Authy, and try to reinstall it). Within the emulator, I installed Aegis and imported the Authy codes. From there I exported to any app of choice like Ente, or keep with Aegis. However once on Ente, it can sync to your other devices right from the emulator.
The emulator is good to have on your PC as another way to access the synced codes without needing your phone (since many of these apps are only mobile apps and not web based or work on PCs).
Here are some options:
https://help.ente.io/auth/migration-guides/authy/
However, I'd suggest the best way to do it (albeit a little time consuming) is to log into each service, turn off 2fa, and turn it back on using Aegis (or another 2fa solution).
I agree with treenutz68 on this one. Migrating MFA codes by signing in to each service in turn is annoying, but likely the safest way (and, ignoring the security aspect for a second, might also take less time than acquiring another device and rooting it?). I migrated manually, it was a slight pain but at least I only had to do it once.
I have always made a copies of the QR codes and kept them with the backup codes everytime I signed up for 2FA, I keep these in an encrypted vault. When ever I wish to switch auth apps or reinstall I just reuse the original QR codes and I am back up and running, its an easy way to install on several devices and the codes generated are an exact match as its the exact same "shared secret". I adopted this strategy long ago thanks to Leo Laporte. I keep these up to date when I change anything.....a good backup strategy is everything.
I'm looking for a replacement to Authy. I want like Authy that works on both Android and IOS, and has cross-platform cloud sync. These don't fit the bill:
Aegis - not available on IOS
Bitwarden Authenticator - available on both Android and IOS, BUT cloud sync currently uses the OS cloud sync, so no syncing between the two environments
It looks like Ente is multi-platform, and has OS-agnostic cloud sync. I'll work on migrating my 19 TOTP codes over to it, assuming it works on GrapheneOS.
rjrizzuto Ente Auth will work fine on GrapheneOS.
Thanks, I'm in the process of migrating. I have verified that the cloud sync works between my grapheneos phone and my stock android tablet. I used to have an iPhone, but do not at the moment, but I feel pretty certain that will work fine.
This is my third attempt to migrate to grapheneos. Third time seems to be a charm - so far I have not hit any insurmountable issues.
