Migrating 2FA codes from Authy to Apple’s system

One of the features I’m most excited about in Apple’s latest platform updates is the ability to save two-factor authentication codes into my iCloud Keychain. That means (hopefully) no more having to jump to a separate app—or even a separate device!—just to get one of those good old six-digit codes.

To date, I’ve relied upon Authy, an excellent app that not only makes it easy to store all those disparate account credentials, but also syncs them between devices as well as letting you back them up and easily restore them when you move to a new device. In fact, Authy made it so easy that whenever I could enable 2FA, I did. As a result, I have more than 30 accounts with two-factor codes.

So what I was not looking forward to was migrating all those codes from Authy to Apple’s new password system, a process that promised to be mind-numbing in the extreme, since I figured I would have to essentially log into each account, disable two-factor authentication, and then re-enable it. To boot, since Apple’s new platforms are in beta, it seemed like I should probably make sure Authy continues to work, just in case something goes wrong, which means doing the setup process twice.

Nice as it would be if Apple’s new system could simply import all your codes from Authy—or other apps like Google Authenticator—it doesn’t seem as though that’s an option for that at present, which isn’t entirely surprising given the security issues involved. (There is an import password option for Apple’s new system, but it’s mainly aimed at other browsers or password managers.)

Safari Passwords
The new password manager in the Safari Technology Preview

However, I found a couple of things that helped me speed up the process, shifting it from mind-numbing to purely tedious. First, Apple’s recently released Safari Technology Preview for Big Sur includes the new password manager, so you don’t have to upgrade to the macOS Monterey beta to get it. (Or deal with the iOS/iPadOS versions, which are a little more cumbersome.)

Second, I found a tip that lets you easily display all of your time-based one-time password (TOTP) setup keys from Authy using the Authy Desktop app for Mac and Google Chrome.

The end result was that I spent about an hour laboriously copying each setup code into the appropriate password entry in the Safari Technology Preview’s Password section and—just to be on the safe side—logging in to each website to make sure it worked. The biggest challenge was often figuring out which code went with which sites, since I often relied on Authy’s helpful icons rather than labelling them clearly.

But now I’ve got pretty much all of my accounts set up in Apple’s new system. Some websites are better than others about letting you autofill the verification codes, but most are pretty seamless already. (If the site worked with codes that were texted to you via SMS, then it ought to work with TOTP codes pretty seamlessly as well.)

The only downside is that it doesn’t work in the standard version of Safari on Big Sur, but in that case I’m no worse off than I was before: I can still refer to either Authy or Apple’s beta software to retrieve a code.

[Dan Moren is the East Coast Bureau Chief of Six Colors. You can find him on Twitter at @dmoren or reach him by email at dan@sixcolors.com. His latest novel, The Aleph Extraction, is out now and available in fine book stores everywhere, so be sure to pick up a copy.]

If you appreciate articles like this one, support us by becoming a Six Colors subscriber. Subscribers get access to an exclusive podcast, members-only stories, and a special community.

Read more at Six Colors

Scroll to Top
Skip to content