What is Reddit's opinion of
Authy?
From 3.5 billion Reddit comments
➔ Authy website
By popularity on Reddit, this Service is:
100 reviews of this app found across Reddit:
I used Google Authenticator a while ago, but I've since switched to Authy. It's backwards-compatible with all Google Authenticator tokens, but with a shitload of extra awesome features.
It'll back up your tokens for you so that if you lose your phone, you still have all of your accounts
It'll sync your tokens across any device you have, so any tokens that you add on your phone will be accessible from your tablet.
It can show all of your tokens in a Notification Centre plugin
It'll wirelessly connect to your computer, so you can just click a button on your computer and copy the code to your clipboard instead of getting out your phone and opening an app to read and type it in.
TouchID app protection. Google Authenticator will show your codes right away when you open the app, but you can make Authy require your fingerprint or a password first.
Plus, they've also made their own kind of tokens which make longer codes, which make your accounts even more secure. Humble Bundle uses this, and the code that it generates is 7 numbers long instead of 6.
Edit: Also, when you connect Authy to Humble Bundle, you just need to type in your email address to make codes show up on your phone. You don't even need to scan a QR code!
It is very unlikely they got it from Twitch as they don't store your phone number unless you have SMS notifications turned on. Can you think of where it may have been posted before?
Your phone number, the one used by Authy (for 2FA) is saved with Authy itself, you have to visit their website to change it.
I'll just take this chance to recommend Authy. It can consolidate all those 3rd party authenticators AND it stores it in the cloud so when you get a new device, you just log into your Authy account and BAM - all your 3rd party authenticators are setup and ready.
Obviously you need to trust them to store these things "in the cloud" so that may deter some people.
We don't know what's compromised yet so lets assume her phone has been rooted and he knows her Google password.
First, your friend needs to set up 2 step authentication on her phone as well as change her passwords. I know you said she changed her password, but she also needs to set up authentication. That way just knowing her Google password will not grant someone access. Here is something called Authy. All you need to do is download the Authy app and follow the instructions.
Next, you need to find out what is taking up all the space. On my phone I can go into 'Settings' and get a bar showing what is taking space. Or you can use this.
Your friend should have a strong password on her phone, and she should not leave it out. Even with a strong password someone can easily look over your shoulder to gain access.
What did you use to check if the phone was rooted?
Have her try browsing incognito or have her internet history automatically deleted. It would be best if we can eliminate him knowing her Google info as dealing with a rooted phone is not as easy to explain.
Lastly, if he is coming off as very shady maybe she should take a break from him.
*edit Forgot to add she can check what devices have logged into her account here.
https://www.authy.com/about has all the info you need about who they are.
The app is extremely reliable. They're super transparent and take security very seriously, too.
I've been using it for about a year or so and have never had any issues with it. The cloud backup thing is fantastic, I've switched devices and installed it on multiple devices without a hitch. It's very secure, but it's optional and off by default:
> First and most importantly: backups are optional and are off by default. [...] Second: backups are encrypted before uploading them to the server and we do not have the decryption key
> Backups are done in several steps. I'll try to be as descriptive as possible to avoid any confusion or misinterpretation.
> We ask you to enter a password. The password has to be greater than 6 characters and we recommend at least 8.
> Your password is then salted and ran through a key derivation function called PBKDF2. The details of how this is done are quite important: We use SHA-256 which is slower than SHA-128. (slow is good here). We use 1000 rounds. This number will increase as the low range Android phones processor power increases. We salt the password before starting the 1000 rounds. The salt is generated using a secure random.
> Using the derived key, each authenticator key is encrypted with AES-256 in CBC mode along with a different IV for each account. Some Authenticator keys are unfortunately 128 bits or less. In such cases we pad them using PKCS#5.
> Only the encrypted result, salt and IV are sent to Authy.The encryption/decryption key is never transmitted.
> Lastly I just want to re-iterate that all encryption and later decryption happens inside your phone.
You should check out Authy instead. It works with any Google Authenticator-based account, but it does it better!
With Authy, you can sync your tokens across multiple devices, make backups, and protect the app with a passcode. It also supports up to 8 digits for a code, instead of being limited to 6 digits like Google Authenticator.
You'll want to reach out to Authy support. https://www.authy.com/phones/change/
Technically if you're a technical person, one could get their Twitch oauth token from the phone app and replace it with the website token to remove 2FA. But that involves a bit of work and technical know how.
If you have a new number use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before).
Otherwise open a ticket https://help.twitch.tv/customer/portal/emails/new use the issue "logging into my account" (no need to login on the form, use a email you have access to).
After recently going through a similar issue here's likely the solution.
Authy is terrible in that it locks to a phone, relies on cloud storage, and doesn't give you exclusive control over your keys.
This also means it's fairly trivial to get access back, or attempt to steal someones elses account due to less than ideal security.
All you need to do is fill out a phone change form, press yes in the email it sends and wait several days.
https://www.authy.com/phones/change/
I'd also recommend messaging twitch support and request a change to using the open standard TOTP used in apps such as google authenticator. Presuming you make and manage your own backup, getting locked out of your account would be exceedingly unlikely.
My support question to Twitch took roughly 10 days for an actual person to reply. Surprisingly good for this industry and other things I've read. In minor back and fourth with twitch support, it was implied they would be able to remove the authy 2fa upon request.
This is posted in /r/Eve but applies to more than just your EVE accounts. Put it on your email address as well and anything else you care about (and offers 2FA).
I personally use Authy which I find nicer to use than Google Authenticator, but whatever works for you. Set up some pincode (or on iPhone with Authy: Touch-ID) so that if your phone (or other device) is ever stolen the "new owner" doesn't have access to your 2FA authenticator app.
Last tip: set up 2FA using the QR code on more than 1 device at once, like your phone and tablet (or old phone or browser extension). That way if your phone is ever stolen, malfunctions or something else happens to it, you can still access your accounts using the other device(s).
Create support ticket about that and don't use Google Authenticator anymore because it's utter crap. If you want to keep your codes accessible and secure after losing your device you might want to use for example Authy. It's just Google Authenticator but way better and with synchronization
If you lose your phone you can just download authy on your new phone and you will be all set ....as long as you have the same number.
If you change your number you need to reset your number with authy here.
Setup Two-Factor authentication.
https://help.guildwars2.com/entries/27626157-Two-Factor-Authentication
If you do not have a smart phone you can use something like Authy https://www.authy.com/
Also I would be sure that your email address password and Guild Wars 2 password are different passwords. I would also change both your email password(Email first) then Guild Wars 2 password right away.
The most common cause is that your email and password has been leaked from a insecure sites and your password that you used on that insecure site is the same for the password that you used for your email. You can check common leaks by putting in your email at the following link:
New phone? Use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before)
or just use Authy, it has cloud backup and desktop(windows, mac, linux) client BUT for some reason arenanet doesn't recommend it
EDIT: someone needs to ask at the next ama(I will probably forget) why they recommend crap like winauth or google authenticator and not Authy, just that cloud backup function will stop so many future tickets. Just saying anet.
Authenticators are not that bad. Usually you get a recovery password or other method to access the account in case you can't use your phone. If you write them down somewhere safe, then you're fine.
The biggest advantage of the authenticators is that even if a son of a bitch somehow finds your password, he still can't access your account. And in some accounts that's of the utmost importance, like your main e-mail where you receive all the reset password messages, or Steam, that holds thousand of dollars worth of games and tradable virtual stuff.
Lots of services uses the "Google Authenticator" system. For those I recommend the Authy app. With it, you can use more than one device to generate the passwords, even your PC, so it's way harder to lose access to a site because you don't have your cellphone in hand. Authy is so handy that you end up getting bothered when a service offers a non-Google-Authenticator authenticator, like Steam just did. ಠ_ಠ
All 2FA on Twitch is handled through Authy.
https://authy.com/guides/twitch-3/
https://www.authy.com/phones/change/
You'll want to go though their support, they have a process for users that have changed their numbers.
You can change the number on your Twitch account to your new one via this form: https://www.authy.com/phones/change/ Twitch uses Authy for all of their 2FA, even if you just used the SMS version.
All 2FA is handled though Authy. Authy is the service that is texting you.
https://authy.com/guides/twitch-3/
https://www.authy.com/phones/change/
If you downloaded the app to your phone or browser you could have use while your SIM is missing. Otherwise you need to go though their service or contact your phone provider and get a new sim.
If you want to contact Twitch support directly you should use the ticket portal https://help.twitch.tv/customer/portal/emails/new
However I would suggest first if you haven't tried, use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before)
https://www.authy.com/phones/change/
There's a good chance that you might have to reset all of the authenticators with each website. I also have a Yubikey with U2F that I use with all the websites that support it in addition to Authy. So if I lose the phone, I still have the Yubikey (and I have a cheaper Yubikey as backup) to access secure accounts.
Authy user here, here's their response regarding the thing that happened.
https://www.authy.com/blog/security-notice-authy-response-to-cloudflare-cloudbleed-incident/
> # If you or your users use the Authy apps > > If you use the Authy app on iOS, Android or Chrome, all you need to do is start your Authy app, at which point it will communicate with our service and be told to regenerate its keys. > There are three kinds of data used in the app that are sent to our cloud service: > > 1. Authy tokens generated by customers of our API. As soon as we knew about the incident, we immediately initiated a process to rotate all device keys that secure the Authy tokens. The next time you open the Authy app, it communicates with our service and will generate new keys. This is a silent action and doesn’t require any input from the user other than starting the app. > 1. Google Authenticator tokens that users have scanned and backed up to the Authy cloud service. Tokens are encrypted in the app using a key derived from the user-typed password, and the tokens are sent to us and securely stored. The password is never stored in Authy and therefore was never at risk from being exposed. Our general guidance, however, would be for users to re-enroll their Google Authenticator tokens at each site they use. > 1. Authy OneTouch requests generated by customers of our API. No key rotation is needed, as the private key data never leaves the devices. >
Take the SIM card out of the phone, chances are high it survived (unless it's one of those US CDMA phone that don't use SIMs), put it in another phone (friend, parents, etc.) and request the OTP token via SMS.
If that doesn't help, a better address for support is Authy in this case, as they handle the 2FA => https://www.authy.com/app/#support
https://www.authy.com/blog/do-not-use-your-google-voice-number-for-two-factor-authentication
Please note that putting both your SMS authentication AND the 2FA token on the same computer is a very very very bad idea. Do it if you must, but you'd better secure your computer tighter than Fort Knox if you do. One hijack and the attacker will own EVERYTHING.
I prefer Authy; Android/iOS/BlackBerry support (still no Windows Phone though :(), and a Chrome Extension (if you want to use it on PC and not be tied to your mobile), PIN protection for the mobile app, and support for a number of authenticator algorithms, including those used by Google and Microsoft.
Got this suggestion from CB support:
1) If you have the Authy app on your phone, uninstall it
2) Complete the steps at https://www.authy.com/phones/reset
3) If you want to use Authy to get your verification tokens, please re-install the app. If you want to get your verification tokens via SMS or voice, please DON'T re-install the app!
Evidently a new change is that if you have Authy on your phone you can only get tokens via Authy. To get SMS/voice tokens you have to uninstall Authy.
Also, Authy says that the Heartbleed shindig caused them to "rotate your seeds", whatever that means:
Ahi!
Non appena recuperi l’account cambia password e prendi buone abitudini:
1) Usa un password manager e crea password uniche per ogni account, memorizzandole e avendole sempre a portata con Bitwarden, su smartphone e browser
2) Abilita l’autenticazione a due fattori per gli account che supportano un Authenticator. Puoi usare Google Authenticator (bleah 😣) oppure Authy
Try using Authy's phone number change request form to change your number, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before).
No, once you setup you can't turn it off.
The only place I can see authy related message is under changing your phone number. Other than that, there's no place to change it.
Change Your Phone Number
In order to change your phone number, you will need to submit a "change phone number request" with our two-factor authentication partner, Authy. Once the change has been made, your new phone number will be updated on our system. Start the process by visiting https://www.authy.com/phones/change
You could try using Authy's phone number change request form to get the number on your old account changed, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before). After you get back in to your old account, you would go into your Security and Privacy settings, and check Enable additional account creation.
If this doesn't work, you could try a handy Gmail trick where you could put a dot in your Gmail address (ex. [email protected]), or put a plus sign followed by a word before the @ part of the email address (ex. [email protected]). Just remember what you did so if you need to verify your email
Use Authy's phone number change request form to change your number, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before).
Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before), so use Authy's phone number change request form to change your number, read the guidance first.
Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before), so use Authy's phone number change request form to change your number, read the guidance first.
This is not correct. Tweeting @TwitchSupport does nothing as it is an Official Twitter for announcements and they do not have any control over 2FA as it is all with Authy. You will have to change your number with them. Even if you do not have the app, you can still use their site through this LINK and then be able to change it so you will have access to the account.
Try resetting the account. https://www.authy.com/phones/reset/ All 2FA has to go through Authy as they are the one that runs it. If that does not work, you would have to contact their support and not Twitch.
That may make things a little bit more difficult. Alright well, a couple of things to try: https://www.authy.com/phones/reset/ or https://www.authy.com/phones/change/
From what I can see Twitch is still using Authy for SMS 2FA, so they should be able to help you directly. This article should help: https://support.authy.com/hc/en-us/articles/234707947 - If not just contact them directly through their website.
Rosie from Coinbase here.
Please try resetting your phone number here then try logging in again. If you still do not receive the 2FA code, please reach out to us at and we'll investigate. Thank you!
Personally I highly recommend the use of Authy. It works with google authentication and allows you to have access to the authenticator app either through your phone or the desktop app. So if you lose access to your phone, you can still get authenticated by using the desktop app.
Rosie from Coinbase here.
To change or update your phone number on file with us, you can do so here.
If you have any trouble, please reach out to us at
Do you currently have a phone with a different number? If so you can use the Authy Phone Change request form to transfer the Authy "account" linked to your old phone number to a new number: https://www.authy.com/phones/change/
Rosie from Coinbase here.
Sorry to hear about your frustration with 2FA. Please try resetting your phone number here then attempt to login again.
If you continue to receive the same error, please reach out to us at .
Rosie from Coinbase here.
Sorry to hear you are having difficultly logging into your account. Please try resetting your phone number here: https://www.authy.com/phones/reset then try logging in again.
If you still are unable to login after resetting your number. Please contact us at and we'll assist you further.
It is a pretty known vulnerability. There have been a lot of instances where attackers have gained access to additional accounts or 2FA that they would not have been able to access if they did not have your phone. Basically you are no longer separating your phone and your email, which makes SMS as 2FA worthless.
https://www.authy.com/blog/do-not-use-your-google-voice-number-for-two-factor-authentication
i know this doesn't help much now, but if you didn't know, you can actually set up a key (the official swtor security key, google authenticator, authy),with your smartphone or use Authy on nearly any device.
I didn't find a Linux desktop alternative, at least not through a quick Google search. I don't know if having a desktop 2FA alternative is a 'must-have' or if just having an alternative that'll work with a Linux setup will do for you.
I use Authy (https://www.authy.com/) for my 2-factor authentication needs and it works like a charm for me. I've got Google Account, Amazon account, GitHub, and Dropbox account 2-factor codes 'synced' to not only my Authy Android app but also the Authy Chrome extension (right now they're having some problems with the Amazon authentication; the app works fine, the Chrome extension code is incorrect, but they're working on it).
Their website says they support Coinbase, but in terms of your other needs I know that you can QR scan or manually enter in codes to set up 2-factor accounts. It's free to download, free to use, so it might be what you're looking for. If you install it, set some stuff up, and it's not what you need then you can always have your account(s) erased from their servers and delete the app.
There's also FreeOTP, I know you can get it from F-Droid for Android or from the Google Play and Apple App Stores. It's a very agnostic platform, not a lot of frills (no cloud backup like Authy, for instance, and the UI is pretty spartan), but it does the trick.
Again, these are phone/browser based solutions, so don't know if I've just given you a whole lot of information that doesn't work for you, but thought I'd toss it out there just in case. I kind of figure that, Chrome extension aside, having the 2FA key separate from my computer is another sort of security step: if you've got my computer, at least you don't have the 2FA keys along with it.
> additional protection that as far as I know no other game company has done.
There are plenty of companies who have authenticator app. Take a look at Authy, which combines a lot of authenticator apps into 1. Including Facebook, Google, Dropbox, Amazon, Outlook, Evernote, Coinbase, LastPass, Github, Twitch and more.
I'm pretty sure you've heard of multiple of these. Most banks have a similar system as well (I get a text message with a code, another bank here requires you to put your bank pass in a special calculator to get the authentication code)
Adding security isn't a case of "our security is crap". Adding security is a case of "our security isn't perfect yet".
Passwords can be brute forced and written down, authenticator codes cannot. This inherently makes them a lot more safe than that password that most people never change.
I've never been hacked either, but I'd like to keep it that way so I'm keeping my security up.
I don't see why Blizzard didn't revert his account either. But that doesn't change the fact that everyone is responsible for the security of their own account. I'm pretty sure that if Blizzard got hacked for this, we'd hear of more people who lost their account.
I recommend using authy(https://www.authy.com/) instead of Google Authenticator app. Authy does a (encrypted!) backup of your tokens, so can use it on multiple devices and even on your (trusted) computer. And loosing your smartphone is not as tragic as with google auth.
Protip for next time, instead of using Google Authenticator, use Authy instead. It works the same as Google Authenticator, but has multi-device support so all you need to do to get your authenticator codes to your new device is sign into your Authy account and enter your backups password. It also has desktop apps in case you don't have access to your phone. The keys are encrypted on their end, so as long as no one guesses your backups password you're good to go!
The only caveat is that you need to provide your mobile number when you sign up / sign in on a new device, but this is only to make sure you're you when you sign in.
Even if they didnt make money, what is to worry? If the app was no longer developed you could switch back to Google in the same manner as switching to Authy (which is a horrible process and why most people use authy in the first place!)
You might also consider using Authy as your authenticator app instead of the original Google Authenticator; it works with anything that uses Google Authenticator's system, and it can also sync with a Chrome browser plugin / desktop app so you can get at your codes from your desktop as well.
With the Authy app, as long as you maintain the same phone number, installing the app will automatically generate valid login tokens for you.
That being said, having a backup is always a good idea.
If you plan on changing phone numbers, Authy has a process for that (here: https://www.authy.com/phones/change). If you maintain access to both phones, you can do the change with no trouble at all in your Coinbase settings. Also, you can always use the Authy app for Chrome, which will generate valid tokens on your PC.
The PC app will make you more susceptible to hacking, but you can use it as a band-aid during your phone change - just use a unique password and uninstall it after you make the change.
I'm using Authy on my phone, it has an option to backup your authenticators, it is encrypted and is secured by sms so for someone to restore your backup they would need a phone with your phone number. If you lose your phone or get a new phone all you need to do is confirm your account with sms, enter a password and restore.
Authy also works as a chrome plugin, so you can use it on a computer as well. If you only have a dumbphone you can probably use Authy in your browser and use sms on your phone for verification, not completely sure of this though.
Asked Coinbase via chat.
→JW what happens if i lose/break my phone with 2FA enabled? what recourse do I have to get back into my account?
This would occur
We use Authy as our third-party service provider for 2-factor authentication codes (SMS). It appears that you would like to reset and refresh the settings with the phone number on file. You can do so with Authy here: https://www.authy.com/phones/reset If you have any other issues, please read the Authy FAQ for more common questions: https://www.authy.com/faq If your issue still is not resolved by this, it IS NECESSARY to contact Authy Support by emailing them at for additional assistance. or www.authy.com/phones/change
What is this "authy" bitcoin startup they are mentioning? I could see this Authy's 2-factor business model giving it an inroad here, but I couldn't find anything on them actually getting in to the bitcoin space.
edit: confirmed it is the same "Authy" as I linked to, as they mentioned Daniel Palacio in the article. Missed that originally. Still the first I've heard of them doing anything directly in the space versus just offering 3rd party 2-factor sign-ins.
Use another authenticator app: https://www.authy.com/
Authy is tied to your phone number, e-mail address and your whole portfolio of authenticators is then encrypted by a password. You need to verify via email, SMS, and password before being able to restore a backup.
It's solid and I don't EVER worry about flashing ROMs, wiping my phone or even losing my phone. I could lose my Nexus 5 today and be up and running by setting up my work iPhone.
Edit Sorry didn't realize they don't have a windows phone version, but for all other iOS and Android users out there, I recommend Authy over Google Authenticator any day.
It does. I disabled 2FA thinking it would get rid of Authy, but during re-setup of 2FA, it required me to validate a 7 digit number, and after that it then asked for a QR code scan. I just tested, but during login I can use SMS, Authy code (7 digits), or Authenticator codes (6 digits). The Authy and Authenticator codes are distinctly different.
My screen shows I have SMS as backup and if I try to modify/remove it, I get taken to an Authy page. You can't simply just remove a number like most other sites allow you to remove a SMS 2FA number. It seems I'm still somehow tied into Authy.
I had the exact same questions myself. I see a few options, if you want to be less reliant on your phone for 2FA:
- Create backups of the 2FA seed codes (the scanned QR codes or text strings you need for setting up 2FA in the first place) and store them somewhere safe.
- If you use Google Authenticator, migrate your accounts to another phone (e.g. an old phone you might have lying around) to have a copy.
- Use Authy authenticator, which is multi-device capable. Can sync e.g. iPhone, iPad und your Mac, but offers no backups
- Get a password manager that integrates 2FA, e.g. 1Password. Depends on if you like to have all eggs in one basket, as this sets you up with a single point of failure.
- Use an authenticator that offers backups of your 2FA seed string, such as Daito Authenticator and that is web-based (no phone needed), but more targeted towards teams, not individual users. (Full transparency: I am the founder of Daito Authenticator.)
While a YubiKey is great, you can also lose it, which is why you should always have two. Additionally, a yubi key is not supported by all software. You likely still will need a regular 2FA authenticator on top.
Use Authy's phone number change request form to change your number, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before).
If you remember your old number, use Authy's phone number change request form to change your number, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before).
Authy is the provider for 2FA for Twitch. So the first place to go is to Authy to change the associated number.
If you've lost access to the 2FA because your number changed, you could try using Authy's phone number change request form to get the number on your old account changed, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before). After you get back in to your old account, you would go into your Security and Privacy settings, and check Enable additional account creation.
If that's not possible, you'll have to use a different email address. Some email providers provide a way for you to have aliases under one email account, you'll have to check with your email provider to see if this is possible.
Do you remember your old number (or do you know anyone else that still might have it, like in an old text)? If so, use Authy's phone number change request form to change your number, read the guidance first. Authy handles all of Twitch's 2FA, including SMS texts (you do not need to have used the app before).
Authy handles all of Twitch's 2FA, including SMS texts. So if you were to get your number changed, you would use Authy's phone change form.
Does the person you trust use Authy for anything? If so, you would need to disable 2FA and then reenable it with your number.
In any case, the Authy app would be recommended, as it is more reliable, will allow for easy phone number changes, and it will save SMS messaging rates. In addition, the app is also available as a Desktop app as well as Chrome extension, so if you don't have room on your phone, you can install it on your computer. If you want to go this route, set up Authy using your trustee's number, and then you can change the number to yours once it is set up. If it is changed through Authy it will change through Twitch.
If you don't want to use the Authy app, and your trustee does not use Authy for anything, you can use the phone change form, and Authy will text your trustee making sure the number still isn't in use for 2FA. Your friend can reply to them "STOP" to stop the messages. It will take a few days to get it changed.
Use Authy's phone number change request form to change your number, read the guidance first. (Authy handles all of Twitch's 2FA, including SMS texts, you do not need to have used the app before.)
I also through it was extremely scammy but I called tmobiles number 611 directly. And my 2fa was not pinged it was being registered it said "Authy registration: click https://www.authy.com/register?pin=xxxxxx&cellphone=1-xxx-xxx-xxxx&device_app=authy or manually enter: xxxxxx" I got the feeling the rep has no idea about how crypto works. And nobody asked me for money directly, I asked the guy what coin was stolen so I could check that coins activity and he said 7k of Bitcoin. After I said I didn't have anything they were just talking to the other guy being like you'll have to go through police and didn't even talk to me again except to ask me to hang up
Use Authy's phone number change request form to change your number, read the guidance first. (Authy handles all of Twitch's 2FA, including SMS texts, you do not need to have used the app before.)
If you know your old number, or know someone that might have your old number somewhere. you could try using the phone number change request form to get it changed to your new number. (Authy handles all of Twitch's 2FA, including SMS texts, you do not need to have used the app before.)
Authy handles all sms based authentication.
If you are not getting sms tokens, you might need to reset the authy account: https://www.authy.com/phones/reset/
If you are having further issues with authy please contact authy directly: https://authy.com/help/
You may need to reset the authy account: https://www.authy.com/phones/reset/
Authy handles all SMS based authentication on Twitch, even if you didn't download or use the application.
If you need further help regarding SMS on Twitch, please contact authy directly: https://support.twilio.com/hc/en-us/requests/new
You may need to reset the authy account: https://www.authy.com/phones/reset/
Authy handles all SMS based authentication. If you need further assistance, please contact them: https://authy.com/help/
If you still know your old phone number, use Authy's phone number change request form to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before).
If you don't know your old number, would you know someone who might have your old number saved somewhere? Ask them to see if they still have it in their contacts or call/text history.
Use Authy's phone number change request form to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before).
Hi, Authy handles all SMS based authentication. You may need to reset your authy account, if you aren't receiving sms texts: https://www.authy.com/phones/reset/
If you are unable to get it working, I recommend contacting their support team.
It doesn't take 6 weeks if you go though the proper support. Twitch support doesn't hand 2FA lockouts.
All 2FA on Twitch is handled through Authy.
https://authy.com/guides/twitch-3/
https://www.authy.com/phones/change/
You have an Authy account even if you never downloaded the app. All 2FA on Twitch is through Authy.
If you downloaded the app to your phone or browser you could have used that. But you have to go though their support now instead.
If you still have access to your account, use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before).
To Quote from Authy:
Multi-Device: Simple & Powerful
The Authy feature that makes all this possible is called “Multi-Device.” You can find it under “Settings,” then “Devices,” then “Allow Multi-Device.”
What the Multi-Device feature does is pretty simple:
- When enabled, Authy allows you install new apps and add them to your Authy account.
- When disabled, you cannot install another instance of the Authy app for your account (although any existing devices with Authy installed will remain active).
When you first install the Authy app on a device, such as your mobile phone, we encourage you to install it again on another device, such as a tablet or desktop, as a backup. When you install, you can use SMS/voice to authenticate the new device, or you can use the existing device.
In some instances, you might find that SMS/voice is disabled and you must, therefore, use other devices for the approval. The reason for the lack of SMS/voice capability is because you might be using Authy with a cryptocurrency vendor such as Coinbase or Gemini. Due to security issues with SMS/voice, we disable them when your account is used for bitcoin access.
​
Full article : Understanding Authy's 2FA Multi- Device feature
​
To change your 2FA phone number use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before).
Please search prior to posting. Authy handles all SMS based authentication, even if you didn't use an Authy application.
You can submit a phone number change here: https://www.authy.com/phones/change/
Twitch cannot help, unfortunately.
Best of luck!
If I'm not horribly mistaken Authy handles all the 2FA stuffs for Twitch, including sms verification. So you might want to try https://www.authy.com/phones/change/ to change your phone number to one you can use. It will take some time. I recently did a similar process when my old phone to recover my 2FA account, it took 48 hours with multiple warning messages of what was happening.
The ticket process is the only way to deactivate without having a number, it will take a few weeks at the least to sort out.
Otherwise if you have a new number use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy handles all of Twitch's 2FA service, including SMS texts, you don't need to have used the app before)
Authy may not be able to switch your number for you however due to the service you are using.
All Two Factor Authentication issues are handled through Authy. This includes both the app, and SMS/text codes. You did not have to create an account at any point through Authy for this to be valid. For changing your phone number, please fill out a Phone Change Request form.
For assistance regarding another issues related to Two Factor Authentication, please contact Authy or review their help desk articles here.
If you have another phone to use for 2FA, use https://www.authy.com/phones/change/ to change your number, read the guidance first. (Authy also handles the SMS text service).
Otherwise you'll need to wait on your ticket.
There is a form to change your number here https://www.authy.com/phones/change/ but as you have made a new Authy account on your number I don't know how that may affect it. I would suggest emailing to check.
Disable Twitch 2-auth here https://www.twitch.tv/settings/security
Go to https://www.authy.com/phones/reset to reset or change your phone.
Enable two auth again on Twitch
I think that's the correct way to do it
Edit: You might not even have to disable Twitch 2 auth. Changing your phone number on your Authy account may be enough
Step One: Contacted Coinbase Support at least 10x over a month and Authy. Only Authy's Evelyn has responded, quickly, graciously and with as much help as she could provide.
Step Two: Started 2FA Account Recovery through AUTHY. https://www.authy.com/phones/reset (It's used for any reason; not just loss of phone) Rec'd email that said: "Our secuirty team has received a request to recover the 2FA account for the following number: xxxxx
For greater security, this process will take 24-hours and disable all Authy app installations on your account and allow you to reinstall Authy (or another authenticator) again using SMS or voice.
- Now I wait for 24 hours...
I get confused because I read in the Coinbase Support documents the following: "If you have lost your Authy device and your phone number has remained the same, you can quickly disable your 2-factor authentication by visiting https://www.authy.com/phones/reset. This will default your Coinbase account back to accepting 2FA codes via SMS only."
This is also restated at support.coinbase.com/customer/en/portal/articles/2488794-troubleshooting-2-factor-authentication: If you have obtained a new phone number, you will need to first perform a reset via Authy. To to default back to SMS for 2FA please visit: https://www.authy.com/phones/reset. Once you complete this step you will be able to change your number on file with Coinbase through our Account Recovery process."
While I have not lost my Authy device, my Authy Chrome extension is not working so my mind says that those instructions seem like they'd apply to my situation.
But I believe you are saying that those support words are incorrect -- that my account will not default back to accepting 2FA codes via SMS??
I have been scouring Coinbase looking for a link to account recovery process. I have found nothing. I clicked on verify A Phone just for the heck of it and I get asked to provide the 2-step verification code. There's no help link in that Verify A Phone pop-up. Confused. :-(
Thanks for the help. Seriously!!!
Twitch Support does not handle 2FA as that goes through Authy. To change the phone number use this link: https://www.authy.com/phones/change/
To reset the Authy account, use this: https://www.authy.com/phones/reset/
Authy Help Center - Lost phone or changing your Authy phone number
It boils down to worst case scenario using the following process which takes several days and multiple email verifications as well as possibly additional stuff.
https://www.authy.com/phones/change
I did this. It took about 4 or 5 days and like 3 email confirmations with nothing additional. I recovered my Coinbase account I was locked out of for 2 years. I learned I had received a $1 in BTC sign up bonus, which was now worth quite a bit more, lol.
Thanks for that info.
You can submit a phone number change here.
Even if you did not use the Authy app, they still handle all SMS based authentication. I'm sorry if that wasn't made clear to you.
Thanks! [](#bleedPurple)
"Coinbase token" here I think means the Authy key; not your bitcoin that you have stored at Coinbase, which is what your initial post sounded like.
But yeah, it sounds like you might need to contact Coinbase support to get access to your account again. Authy usually lets you use https://www.authy.com/phones/reset/ to recover, but that page has the note you quoted about that recovery method not being available for Coinbase.
Authy also had an optional backup method; if you enabled that in the app, possibly you could restore from backup as described at https://authy.com/blog/how-the-authy-two-factor-backups-work/ (but they might've disabled that for Coinbase too).
Hi,yes you should be worried,if the phone number that is set to receive the 2FA code is not yours then clearly your account was indeed compromised. Thanks to an old-ass and completely insecure routing protocol used by telcos SMS is NOT a realiable/secure 2FA method(SMS can be diverted to another number,read in transit ecc)example:
your best bet is to contact coinbase support(yes they are slow as hell,you can thank the recent surge in userbase due to bitcoin rising popularity.they are swamped). Though If i remember correctly their default SMS 2FA provider(the company that sends you the sms token on their behalf) is Authy so mayyyyybe someone got your phone number and used this Authy feature to reset it(they should require more info and Ids explicitly to prevent something like this from happening though,not sure): https://www.authy.com/phones/change/ Anyway,your best bet is to get a hold of coinbase support,obviously they will ask you for IDs and hopefully when everything is solved they will be able to find out what happened by checking their logs(you can also sse a detail of your account activity when you recover the account). sorry about this :/ i hope everything will end well
Rosie from Coinbase here.
Sorry for the trouble with trying to access your account. To change or update your phone number on file with us please visit Authy's website.
If you have any trouble or further questions, please reach out to us at .
Hello guys of this subreddit. With FaceIt recent addition of 2FA,, I would like to take the time to recommend you the app I've been using for a while now, it is call Authy.
When I first start activating 2FA for my account on websites/forums that allow me this extra secret, I was looking for a good app. A lot of website would recommend Google's 2FA app but I found it to be, "too simple" and then I came across Authy. It allow you to have access to your codes on multiply device and you can manage and see what devices are link to your account. There also give you the operation to restore your account, with all the account you have activated 2FA on it by using your "master password" or "backup password".
I would recommend using an app instead of constantly relying on SMS.
I personally use Authy (https://www.authy.com/)
Granted, I think you need to have access to an SMS service when you sign up for two factor authentication for the first time. I use google voice for this.
From the Authy FAQ:
>Q: I lost my phone. What should I do?
A: Go to this link and simply re-install the app to a new phone. All accounts will be synchronized back.
Rosie from Coinbase here.
To change or update your phone number on file with us please do so here.
If you have any questions or need further assistance please reach out to us at .
There are a couple options for this. Bluestacks is an Android emulator you can use to download mobile apps to run on your PC. Authy is 2FA software that stores all your 2FA credentials for access on both mobile and PC.
A5/1 has been replaced because it was found too weak. See this article . But a PSN account is not worth it.
2FA with SMS is a bad idea for a lot of other reasons. (no network, lost phone, delayed reception).
iMessage is not open to any one else than Apple, you can't automate sending messages.