Due to CASL, Canadian Carriers Might be Locking Out Your Users

If you use SMS to send codes for two-factor authentication logins or to verify ownership of a phone numbers, you need to be aware of a growing trend where wireless carriers are starting to block your traffic and thus preventing people from signing up and logging into your application. Twilio has two APIs, Verify and Authy, which can help avoid these issues because they are pre-configured… Read More

Protect your npm account with 2FA and Authy

“There has never been a major security incident caused by leaked npm credentials, but our security work is never finished.” This wasn’t the headline that npm lead with when they announced their support for two factor authentication recently, but it was a line that stuck out to me. It is fantastic to see that these critical parts of the infrastructure of web development are taking security seriously…. Read More

Reduce SMS 2FA Risks By Using Device Data

Using SMS for 2FA security has recently been getting a legitimately bad rap, with a significant increase in successful attempts to intercept or redirect the 2FA codes sent via SMS as part of a login. We’ve addressed these issues (and more) with updates to the Twilio 2FA API (formerly known as Authy); making it possible to bypass sending SMS-based 2FA for a more secure, and less… Read More

Using Authy to add 2-Factor Authentication To Your Auth0 Applications

We at Authy are always looking to make it easier for our clients to add 2FA to their applications. In fact, with just a few API calls you can be up and running in no time. However,  you may already be using a cloud service for your entire authentication stack, you may find this perspective from Auth0, one of the leading vendors in this space, of… Read More

Real Time Rails 4: Using Server-Sent Events with Authy OneTouch

Server-Sent Events (SSE) are real-time events sent from a server and received by a browser, perfect for updating the front end when a server receives a webhook. We’re going to look at how to use SSE to implement Authy OneTouch using Rails 4. Our end result should look a bit like this: Authy OneTouch Two factor authentication usually means copying a bunch of numbers from your phone to… Read More

Two Factor Authentication in Rails 4 with Devise, Authy and Puppies

Passwords aren’t enough any more. Keeping user data safe is hard enough without users themselves choosing the worst passwords in the world. Yes, “123456” has topped the list of most commonly used password of the year again. Two factor authentication keeps your users’ accounts secure by requiring a second factor of authentication, something a user has (their phone) as well as something they know (their password)…. Read More