My Delayed Migration to Authy (and Google Chrome Password Manager)

For years I was an enthusiastic 1Password user. Then I became less enthusiastic.

Around the time I decided I wasn’t going to pay for any more 1Password updates, I began to research alternatives. Many shared the aspects with 1Password that made me want to leave it.

I decided to try Google Chrome’s password management. Because it is part of the browser, its browser integration is excellent. And it’s free. But it lacks support for One-time Passwords (OTP). Of course, Google offers the Google Authenticator app, which I used before 1Password added support for it. But Google Authenticator has no cloud syncing.

Authy only stores one-time passwords, and it offers cloud syncing. Perfect, right?

Initially I added my Twitch account — which seems to have a specific integration with Authy — and Twitter. I tried to add my Nintendo account OTP to Authy, but it had two problems:

  1. It never worked. It didn’t match the code in 1Password, which did work.
  2. Depending on the device on which I was using the Authy app, Authy would repeatedly insist that I decrypt it. I’d type in the password I believed was correct, but it wouldn’t work.

The second point scared me: Was this my future if I embraced Authy? Codes that don’t work and failed decryption?

More than seven years after creating an Authy account, I had gotten very tired of needing 1Password on my phone to access my OTPs. I decided:

  1. I wanted to move all my OTPs to Authy and
  2. That meant first I was going to have to sort out the problem with my Nintendo account and Authy.

I again tried to decrypt my Nintendo OTP in Authy; No luck. I could see it on my iPhone, but it never worked. So I decided to delete it. I have cloud sync turned on for Authy. I deleted the account on my iPhone, and Authy told me it would take two days before it was gone for good. The account was still visible — but unusable — on my Windows PC, so after a day I deleted it there, too.

I gave it another day or so. Then I tried to copy the working OTP for my Nintendo account from 1Password to Authy. 1Password allows you to edit an OTP (this is handy; 1Password does have some good features). In 1Password, on the screen for my Nintendo account, I clicked edit and then copied the entire string shown for the OTP field. I pasted this into Authy, but it didn’t match the code in 1Password, and wouldn’t let me log in.

I did some Googling, and found this post on Reddit: Move one-time passwords out. The trick is to grab the value after secret=. I tried it and it worked.

I quickly copied all the OTPs that I could remember needing. I then installed Authy on my devices.

Today I’m much closer to retiring 1Password once and for all. It’s a good feeling.

This is a happy ending, but it’s not perfect. Authy isn’t perfect.

I’m currently forced to use Authy’s Android app on my Chromebook. I don’t like Android apps on ChromeOS, and I avoid them. I spent an hour or so trying to get the Authy’s Linux app installed on my Chromebook, and the install appeared to work, but the only Authy I can find on my machine is the Android app.

Authy’s security measures are confusing. There is a backups password, a master password, and a PIN. This is too much. 1Password has a master password and, if you use it on a mobile device that doesn’t have biometric authentication, a PIN. I can think of no good reason why Authy’s backups password — for attaching the Authy app on a new device to your Authy accoung — and master password — for unlocking the Authy app when you unlock your computer or launch the app — could not be combined.

So there are two things about Authy that annoy me. And if Google every combined Google Authenticator with Google Chrome’s password manager, I’d probably ditch Authy. But for now, it’s a free OTP manager with Cloud syncing, and that’s exactly what I was looking for.

My Delayed Migration to Authy (and Google Chrome Password Manager)