Popular posts

Funny to bump in to you here Henri! Ever since Authy's data breach a mere month after your post, I have been thinking of moving from Authy. They have since however made this next to impossible:

• The Go library doesn't work anymore with new attestation requirements
• Logins using previous desktop versions that allowed for export were disabled
• The Android app has been updated to block bootloader unlocked devices (not even rooted, which some banking apps don't even do).

This is more secure, of course, but seems awfully convenient when so many are trying to migrate away after the data breach.

If you're curious, a solution to export keys now is to use a rooted phone and dance around the Play Integrity API used by the Android client. I have confirmed that this works, but the majority of people would probably just have to set up 2FA manually for each service if they want to move away...