📢 This is a friendly reminder to back up your 2FA tokens in the Authy app and store the decrypt key somewhere safe.
Today Nabile (my wife) dropped her phone resulting in a complete display malfunction. While the loss of the device was saddening, we were more worried about getting access to all the important apps installed on the device. Mainly the banking apps that require 2FA and Authy which contained all the 2FA tokens.
While Authy backs up the token online, they keep it encrypted on their server and you need a decrypt key to use it on a new device. You must store the decrypt key somewhere safe yourself. If you lose the decrypt key, there is no way to decrypt the tokens. Authy can’t help here. See their post explaining how encryption/decryption works.
Luckily, Nabila had the decrypt key so we were able to get access to all the 2FA tokens. I didn’t and this was a awakening call that accidents can happen anytime so best to store the backup/decrypt key somewhere safe now or regret it later.
Thought I would remind you all too about it. Don’t procastinate.