Skip to content

Twilio shuts down Authy Desktop app, users face disruption

  • by
  • 2 min read

Twilio has officially terminated its Authy for Desktop application, logging users out and rendering the software inaccessible. This marks the end of a phased discontinuation process, but users face significant disruptions and security concerns.

The company’s Authy for Desktop has been a staple for two-factor authentication (2FA) on Windows, macOS, and Linux platforms.

As of mid-July, desktop app users found themselves forcibly logged out and unable to re-access their accounts. This action follows a series of warnings issued by Twilio earlier this year about the app’s impending end-of-life, reports BleepingComputer.

The shutdown of the Authy desktop apps was first announced in January 2024. The official termination is slated for March 19, 2024, and the final discontinuation is set for August 2024.

Despite these notifications, the applications continued to operate beyond the March deadline. However, they displayed persistent alerts instructing users to migrate to the mobile versions of Authy.

The abrupt logout and cessation of service have led to considerable user frustration. Those who have not transitioned their 2FA accounts to mobile devices are now encountering the loss of access to their tokens, underscoring the critical importance of syncing 2FA accounts with mobile devices to ensure continuity of access.

Twilio confirms that the forced logouts align with the planned end-of-life schedule for the desktop app.

Further compounding the issue, users who had synchronised their desktop tokens with mobile versions have reported synchronisation failures. This discrepancy has rendered some accounts inaccessible despite attempts to manage them through mobile devices.

In addition to these disruptions, a security incident in July 2024 has amplified concerns. Threat actors exploited an unsecured Authy API to validate phone numbers associated with Authy accounts. This breach exposed profiles linked to 33 million phone numbers, which were subsequently leaked on a hacking forum.

Although Twilio addressed the vulnerability by securing the API and updating the mobile app, questions remain regarding the impact on desktop users who have not received the latest fixes.

With this development, Authy version 3.0, released in June 2024, marks the final iteration of the desktop application.

In the News: GoI orders YouTube to block ABC News documentary

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>