The Authy app allows users to easily backup their 2FA account tokens, making synchronization or swapping to another device simple. This guide will cover the Authy app backups password and recovery.
How the Backups Password Works
When Backups are enabled in the Authy app, users are prompted to create a new password for encrypting their 2FA tokens. We have a walkthrough for the backups enable and disable process here: Backups and Sync in Authy.
Authy will only upload your encrypted tokens to our server. The Authy Backups password is never sent to Authy. This helps to ensure that no one will be able to access your tokens without the backups password you created, even in the unlikely event that our servers are compromised.
Since the Backups password is never sent to Authy or stored in our servers, Authy support is unable to recover your password.
2FA Account Access Options
If you ever forget your Backups password, we recommend taking the following steps to regain access to your 2FA accounts:
- Check any Authy installations on other devices (if available) to see if your tokens are still decrypted there.
- Try common words, patterns, passphrases you may regularly use.
- Use the recovery codes provided by the service(s) during 2FA setup to regain access to your account.
- Re-add your tokens with the secret keys provided by the service(s) upon enabling 2FA.
Unable to Recover Backups Password
If you are unable to recall your Backups password, any existing encrypted 2FA account tokens will be permanently lost. Users who want to continue using Authy, see Reconfigure Authy After a Lost or Forgotten Backups Password.