Authy SoftToken
Get a new seven-digit authentication code every twenty seconds. Available via the Authy app for mobile, wearable and desktop platforms.
Authy OneCode
Dynamic seven-digit authentication codes generated on-demand. Delivered via SMS or text-to-speech phone call to a registered number.
Authy OneTouch
Approve or deny the authentication request with a simple yes/no question. Push notifications alert on a previously authorized smartphone.
Authy Two-factor Authentication (2FA) is trusted by over 10,000 websites and mobile apps.
Cloud infrastructure
Security organizations
Leading gaming companies

Simplicity for developers

  • Simple REST API: Add 2FA to web and mobile apps with fewer than ten lines of code
  • Extensive client libraries (PHP, Ruby, Python, Java, Node.js, etc) and thorough documentation
  • Tested and used by more than 20,000 developers since 2012

Simplicity for IT admins

  • Audited and vetted by third parties, including financial institutions and Dell
  • Highly reliable with 99.999% uptime and sub-400 millisecond response time since 2002
  • Self-service results in fewer Help Desk and Customer Service calls

Simplicity for users

  • No hardware tokens required
  • Available on any device: smartphone, tablet, desktop, and wearable
  • Multiple authentication options: SMS, Voice, Time-based One-time Passcode (TOTP), and push notifications

Authy SoftToken

Recommended for employee, partner, and customer access to confidential portals and web apps. An excellent replacement for hardware 2FA tokens.

  • Step 1Add 2FA workflows to any web portal and mobile app with a few lines of code.
  • Step 2Generate a TOTP every twenty seconds, required for the user to log in to any Authy-secured app.

Cross-platform and multi-device

The Authy app can be used on multiple user devices including smartphones, tablets, and desktops.

Added device security

Require a user PIN or device biometric (TouchID) before users can see authentication codes in the Authy app.

Self-service recovery

Allow users to start using a replacement device without calling a help desk with cloud backup and restore.

Authy OneCode

Recommended for users who do not have the Authy app, when added security layer or fallback is needed, and to reach feature phone, landline, or sight-impaired individuals in accordance with the American Disabilities Act (ADA) in the US.

  • Step 1Add 2FA workflows to any web portal and mobile app with a few lines of code.
  • Step 2A dynamically-generated, seven-digit authentication code is delivered via SMS or phone call, which is required to log in to an Authy-secured app.

Localized experiences

SMS and voice messages can be customized and localized depending on user location, customs, and language.

Secondary options

Choose to send authentication codes via SMS with a fallback to phone calls, or vice-versa.

Route connectivity

SMS and call completion assurance based on intelligent routing across our network of aggregators and carriers.

Authy OneTouch

Recommended for implementing 2FA at login or to confirm a transaction. Delivers the most streamlined, strong-authentication process.

  • Step 1Add 2FA workflows to any web portal and mobile app with a few lines of code.
  • Step 2Users receive a push-style authentication request to their smartphone. The user must have a company mobile app with embedded OneTouch code or the Authy SoftToken app.


A streamlined 2FA user experience. A simple, one touch "yes" or "no".

Advanced protection

Reliable public/private key pair for both mutual and message authentication.

Strongest 2FA

Out-of-band authentication that protects against both man-in-the-middle and phishing attacks.

We can't wait to see what you build

Start today with a free Authy trial account.