Authy — I messed up! Any suggestions?

I forgot I had used Authy to set up 2FA for some of my apps/accounts.

So, when I set up my new phone — I didn’t think to transfer Authy to it.

Only realised this morning, when something went south and I needed to sign in again with a 2FA.

Re-downloaded Authy onto my new device.
Had to get access via a sms’ed code.

Account still active — and 3 apps/account vaults present… that are all locked behind a “backup password”.

Oh no.
Went straight to 1Password, and zippity.
I don’t even remember creating one. And if I did, would surely have saved it in 1Password as well (I am usually very pedantic like that).
But nothing.

Can someone help me by explaining where that “backup password” would be?
Is it over in Authy on my old phone?
Did Authy create it automatically through some internal token?

And if I wiped my old phone — then that’s it, correct? No cigar/start over?

Did you try dismissing the password dialog? Authy regularly asks you to confirm your password, not because you need it to authenticate, but to ensure you haven’t forgotten it. If you just dismiss it, the app continued to work just fine. It is extremely annoying and it disrupts the task at hand. The only time you would actually need the password is if you had data loss and needed to restore from backup. But if you can already see your existing apps/accounts then I doubt that’s what is going on here.

You set that password. It’s what they use to encrypt your backup code hashes. As said above, when you use Authy regularly, they ask for it often to try and help you not forget it.

Try your most common passwords that you used before you started having 1Password generate them? (That’s what mine is.)

Best of luck!

You’re correct about what it is. What accounts you have in Authy are not encrypted behind your password. But the hashes that generate the codes are.

Situations like this one are why Authy does the annoying thing of trying to make sure you don’t forget it.

Ah, thanks. As I feared then. Live and learn.

What boggles my mind is where I would’ve saved that password. But since I cannot find a trace of it in 1PW, must be one of my long ones I keep for this type of thing — with past-me deciding that’s why I didn’t need to keep it somewhere safe. :roll_eyes:

Will keep trying. :crossed_fingers:t3:

1 Like