Soft token TOTP
2FA in our top-rated mobile application with multi-device/offline capabilities and cloud-delivered tokens.
We have built the leading 2FA authenticator application, downloadable for free in iOS, Android, and Chrome app stores. Your users can access their tokens across multiple trusted devices and also capture 2FA tokens from companies like Google, Microsoft, and Amazon.
Users manage their 2FA email and phone number information directly in the application, reducing the support burden to you. When devices are lost, we provide direct support to your users.
Authy soft tokens use time-based one-time passwords (TOTP) to allow users to login to your application without internet or cell connectivity. They could be traveling in a country with no cell service, or using a laptop on airline WiFi with their phone in airplane mode.
Fast to implement
Simple REST API with many helper libraries. Get up and running in minutes. No need to talk to sales, just sign up and go.
We send emails on behalf of our users. We rely on Authy to make sure people accessing SendGrid are who they say they are—we have to be able to secure our users’ accounts so malicious users can’t get in.
Typical 2FA solutions deliver sensitive 2FA data via a QR code. Authy delivers the code via our API, a secure and more easily-recoverable method.
Twilio's free 2FA app (Authy) automatically keeps time in sync to ensure the time based tokens are accurate and reliable when your users are offline.
SMS and voice are no longer considered secure channels for token delivery. Therefore generating the token on the device reduces the risk of it being intercepted. We also allow the use of biometric features on the device to further protect tokens.
Unique seeds per device
Unlike Google Authenticator style 2FA tokens, Authy tokens are generated per device. Lose a device? No worries; we can invalidate the tokens for that device without affecting 2FA access from other devices. This can be done without impacting the end users.
The Authy app is user friendly and consumer ready. List and grid views allow users to organize their tokens as they see fit. We also support the capture and backup of Google Authenticator style tokens. With the Authy app, users have a single, reliable application for all their 2FA needs.
Unlike other apps for 2FA, Authy allows you to access your tokens across many devices. We even have a Chrome browser app, allowing users to access tokens on Windows, Mac OS and Linux desktops.
Users sometimes change their phone number or lose devices. The Authy app allows users to self-service their information, reducing your support burden. Users can also manage their devices, removing ones that are lost or stolen, preventing them from being used for authentication.
Access on the desktop
Our Chrome application allows ease of use on the desktop, giving users the ability to access authentication requests and 2FA codes without the need for a mobile device or access to a phone.
Millions and billions
Authy services applications with millions of users, for customers such as Twitch, Coinbase and SendGrid. We handle billions of API calls with a solution designed to scale as you do.
We have all the information you need to start building. Get unstuck quickly with tutorials, sample code, and extensive API documentation. Plus, we provide example cURL commands and POSTMAN samples to accelerate your engineering efforts.
Program in the language you already use with libraries available from Twilio and its community.
Manage user permissions with unique access roles for admins, developers, support and billing.
Experience a 99.95% uptime SLA made possible with automated failover and zero-maintenance windows.
Operate at scale
Extend the same app you write once to new markets with configurable features for localization and compliance.
Use the same platform you know for voice, messaging, video, chat, two-factor authentication, and more.
Get to market faster with pay-as-you-go pricing, free support, and the freedom to scale up or down without contracts.