Twilio Axes Authy Desktop: Users Logged Out Forcibly

Authy hacked

Twilio, the multifactor authenticator developer, previously announced the termination of its Authy desktop service. The desktop version, which enabled users to receive verification codes and log in on their PCs, now requires users to install Authy on their mobile devices for code retrieval.

As of August 1, Twilio has implemented its termination plan, forcibly logging out users from the Authy desktop version and displaying a warning that the desktop version is no longer supported.

Authy for desktop

The cessation of the desktop service is due to Twilio facing significant investor pressure. The company’s co-founder, Jeff Lawson, has been compelled to resign from his positions as CEO and board member due to slowed revenue growth and investor demands. Twilio’s primary focus is now on developing and optimizing the Authy experience for iOS and Android, rendering the desktop version obsolete and prohibited for further use.

Authy’s struggle with slowed revenue growth is understandable. As a third-party multifactor authenticator, it initially gained a substantial user base by offering account data synchronization when Google Authenticator did not. However, with the introduction of Microsoft’s synchronizing authenticator and Google’s subsequent support for synchronization, alongside various password managers offering 2FA synchronization on PCs, Authy’s user growth rate has significantly declined.

Additionally, several security issues have undermined user confidence in Authy, which is critical for a 2FA authenticator. No one wishes to use an authenticator with potential security risks. In June, a verification issue in Authy’s API led to the leakage of data for 33 million users. Hackers sold this information, primarily phone numbers, on dark web forums, potentially leading to targeted phishing attacks.

Related Posts: