authy

This is a Go library that allows you to access your Authy TOTP tokens.

It was created to facilitate exports of your TOTP database, because Authy do not provide any way to access or port your TOTP tokens to another client.

It also somewhat documents Authy's protocol/encryption, since public materials on that are somewhat scarce.

Please be careful. You can get your Authy account suspended very easily by using this package. It does not hide itself or mimic the official clients.

Applications

authy-export

This program will enrol itself as an additional device on your Authy account and export all of your TOTP tokens in Key URI Format.

Installation

Pre-built binaries are available from the releases page.

Alternatively, it can be compiled from source, which requires Go 1.12 or newer:

go get github.com/alexzorin/authy/cmd/authy-export

To use it:

1. Run authy-export
2. The program will prompt you for your phone number country code (e.g. 1 for United States) and your phone number. This is the number that you used to register your Authy account originally.
3. If the program identifies an existing Authy account, it will send a device registration request using the push method. This will send a push notification to your existing Authy apps (be it on Android, iOS, Desktop or Chrome), and you will need to respond that from your other app(s).
4. If the device registration is successful, the program will save its authentication credential (a random value) to $HOME/authy-go.json for further uses. Make sure to delete this file and de-register the device after you're finished.
5. If the program is able to fetch your TOTP encrypted database, it will prompt you for your Authy backup password. This is required to decrypt the TOTP secrets for the next step.
6. The program will dump all of your TOTP tokens in URI format, which you can use to import to other applications.

If you notice any missing TOTP tokens, please try toggling "Authenticator Backups" in your Authy settings, to force your backup to be resynchronized.

How do you then import it into another app?

Up to you, depends on the app. If the app uses QR scanning, you can try stick all the dumped URIs into a file (tokens) and then scan each QR code from your terminal, e.g.:

#!/usr/bin/env bash
cat tokens | while IFS= read -r line; do
  clear
  echo -n "$line" | qrencode -t UTF8
  read -p $"Press any key to continue" key < /dev/tty
done

Batch support

When environment variable named AUTHY_EXPORT_PASSWORD exists, authy-export does not ask for a password and uses the variable instead. Use with care!

LICENSE

See LICENSE

Trademark Legal Notice

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement