CyberSecurityBoard
Sponsor Register Login

Twilio will ditch its Authy desktop 2FA app in August, goes mobile only

The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication app.
Authy is an authenticator app that allows users to set up two-factor authentication for their online accounts, generating a unique validation code every 30 seconds to facilitate authorized access.
The app's popularity is due to its ability to generate offline codes, cross-device syncing, the option to keep encrypted backups in the cloud for account recovery in case of device loss, and strong token encryption for security.
Its vendor, Twilio, warned today that it plans to sunset the desktop app this summer to concentrate its development efforts and resources on areas with higher demand.
Twilio is going through a turbulent period of restructuring, and the company announced today the stepping down of its co-founder Jeff Lawson as CEO and board member amid slowing sales growth and pressure from investors.
Twilio notes that the iOS app will remain available to download on M1/M2 Apple computers, so macOS users on Apple Silicon hardware won't be affected for now.
Enabling Authy's backups feature will cause your tokens in the desktop client to automatically synchronize with your mobile app.
Applications and platforms relying on Authy's API to authenticate their users must inform their customers of the need to switch by August 2024.
Twilio lists alternative desktop apps for users who can't or prefer not to use a mobile device for 2FA, with recommendations including 1Password, KeepassXC, Authenticator, Step Two, and Secrets.
It is noted that the Authy app lacks an export feature, so those who switch to another 2FA app will have to first disable Authy from every platform it's used on and then set up 2FA again on the new app.
Users are warned not to delete their tokens on Authy before they disable 2FA on their accounts first, as this may result in them being locked out of their accounts.
Depending on what action impacted users take, it is crucial to consider and perform the manual process steps with caution, as a single error could lead to losing access to accounts.
GitHub warns users to enable 2FA before upcoming deadline.
New phishing attack steals your Instagram backup codes to bypass 2FA. Get a mini desktop with $185 off a refurbished HP ProDesk deal.
Online museum collections down after cyberattack on service provider.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 08 Jan 2024 18:10:03 +0000


Cyber News related to Twilio will ditch its Authy desktop 2FA app in August, goes mobile only

Twilio will ditch its Authy desktop 2FA app in August, goes mobile only - The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication app. Authy is an authenticator app that allows users to set up ...
5 months ago Bleepingcomputer.com
Rely on Authy desktop apps? You have one month to switch your 2FA, or else - Like many others, I have been a long-time user of Twilio's Authy Desktop app, a part of the company's range of Authy two-factor authenticator apps for various platforms. I started using it because it allowed me access to my authentication keys on ...
4 months ago Zdnet.com
Hackers steal millions of Authy 2FA phone numbers - Malicious actors have managed to steal more than 33 million phone numbers used by users of the two-factor authentication service Authy. ADVERTISEMENT. Authy is a popular security application to manage authentication codes for apps and online ...
23 hours ago Ghacks.net
MFA vs 2FA: Which Is Best for Your Business? - If a user falls for a phishing scam and their credentials are compromised, multi-factor authentication or two-factor authentication provide an additional safeguard against a breach. MFA uses authentication factors such as a pin, an SMS code, an ...
3 months ago Techrepublic.com
GitHub warns users to enable 2FA before upcoming deadline - GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor authentication on their accounts. In emails sent to GitHub users on Christmas Eve, the company warned that all users contributing code ...
6 months ago Bleepingcomputer.com
Ushering in the Next Phase of Mobile App Adoption: Bolstering Growth with Unyielding Security - In recent years, mobile apps have surged in popularity providing consumers with instant access to a variety of life essentials such as finances, education, and healthcare to life's pleasures such as shopping, sports, and gaming. With the popularity ...
6 months ago Cyberdefensemagazine.com
The Virtual Desktop Revolution: Redefining Work an - A virtual desktop, also referred to as a virtual desktop infrastructure, is a virtualized computing environment that enables users to remotely access and control their desktops from any device with an internet connection. A user who logs in is given ...
6 months ago Feeds.dzone.com
CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
2 months ago
Mobile Insecurity: Unmasking the Vulnerabilities in Your Pocket - Mobile devices have become indispensable companions in our daily lives, offering us instant access to a world of information and services. On average, mobile users interact with more than 20 applications each day, making these handheld marvels ...
6 months ago Cyberdefensemagazine.com
CVE-2024-39891 - In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a ...
1 day ago
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
6 months ago Blog.checkpoint.com
Brave to end 'Strict' fingerprinting protection as it breaks websites - Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes many sites to function incorrectly. Fingerprinting protection in Brave Browser is a feature designed to ...
5 months ago Bleepingcomputer.com
Mobile Device Security: Protecting Your Smartphone - To ensure the safety of your smartphone and protect your personal data from unauthorized access, it is crucial to take proactive steps to enhance mobile device security. Enable device encryption: Enable device encryption on your smartphone to protect ...
5 months ago Securityzap.com
Mandiant says X account brute forced without 2FA protection The Register - Well, Mandiant's carefully worded response basically said it wasn't implemented. It didn't specifically point to the policy change X announced in February 2023, which was to disable SMS-based 2FA for users who didn't pay for Twitter Blue, but some ...
5 months ago Go.theregister.com
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
6 months ago Feeds.dzone.com
Fake app impersonating LastPass spotted in Apple's App Store The Register - LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. A screenshot of the fake LastPass app in the Apple App ...
4 months ago Go.theregister.com
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
5 months ago Go.theregister.com
The Limitations of Google Play Integrity API - This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. Google provides app attestation ...
6 months ago Securityboulevard.com
Secure Financial Apps: Proactive Measures - People are using multiple apps to transfer, invest, and save money as per their requirements. These are some of the scenarios within a financial app where cybersecurity can play a key role in averting fraudulent transactions. Of late, a lot of ...
6 months ago Feeds.dzone.com
Fake LastPass password manager spotted on Apple's App Store - LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface ...
4 months ago Bleepingcomputer.com
New phishing attack steals your Instagram backup codes to bypass 2FA - A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account. Two-factor authentication is a ...
6 months ago Bleepingcomputer.com
Increase In Mobile Threats Calls for A Proactive Mindset. - Mobile threats are always evolving in the world of business. Threats to mobile security are increasing: More than 60% of cyber attacks now occur on mobile devices, including phishing and smishing scams and password theft within organisations. One ...
6 months ago Cyberdefensemagazine.com
Payoneer accounts in Argentina hacked in 2FA bypass attacks - Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a financial services platform providing online money ...
5 months ago Bleepingcomputer.com
Top Security Trends and Predictions for 2024 - Approov stands at the forefront of mobile cybersecurity: Our expansive customer base, ongoing research initiatives and the insights we collect from our live threat metrics, give us unique visibility into trends in mobile security. First, let's talk ...
6 months ago Securityboulevard.com
GitHub Wants All Users to Enable 2FA Before the End of 2023 - GitHub, the omnipresent nexus for developers and their code, has embarked on a decisive initiative aimed at fortifying the security of the software supply chain. In a groundbreaking announcement, the platform has set forth a mandate for two-factor ...
6 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)