REVIEW

Twilio Authy

Twilio’s Authy is a popular two-factor authentication (2FA) solution across businesses globally, offering a wide range of authentication methods, as well as multi-device usage.

Editor's Score
4.5/5

By Expert Insights
Updated Sep 21, 2022

Twilio Authy Logo

Expert Insights Verdict

4.5/5

Twilio’s Authy is a popular two-factor authentication (2FA) solution across businesses globally, offering a wide range of authentication methods, as well as multi-device usage. Users praise the platform for how easy it is to set up and use, as well as the ability to manage all soft tokens from one central application. The only negative we came across in our research was the interface feeling a little outdated—but otherwise, users praise this product highly.


Pros
  • One centralized application to house tokens to all connected accounts
  • Authy application syncs across desktop and mobile devices
  • Supports iOS, Android, Windows, and macOS

Cons
  • User interface feels a little outdated

Overview

Acquired by communications company Twilio in 2015, Authy is a market-leading 2FA solution that specializes in securing businesses and consumers via its powerful Rest API, mobile application, and enterprise authentication platform. Using Authy, users can access all their 2FA accounts from a single application, as well as authenticate their identities across multiple devices—including desktops, smartphones, and tablets—as data is synced and backed up to the cloud. This means if a user loses their tokens or device, or needs to work offline, they can easily recover or log into their accounts.

Features

Multiple Modes Of Authentication Available

Authy offers multiple modes of 2FA for users to authenticate their identities. These include SMS, voice, and email one-time passcodes (OTPs), API soft tokens (such as codes generated by the Authy authentication app or Google Authenticator), and push authentications (which can be sent via the Authy Rest API).

The Authy Mobile And Desktop Applications

iOS, Android, MacOS, and Windows users can download the Authy application directly from their application store. When using the mobile-based app, users can simply sign up using their phone numbers or email addresses and add in their account tokens by scanning a QR code or manually entering the key. The app serves as a central location for all connected accounts, providing a unified login experience, and can also create encrypted cloud backups. When a user then signs up via the desktop app, they’ll once again be asked for their phone number or email, and then will be able to sync their mobile and desktop apps. Users can also secure their apps by setting PINS and fingerprint recognition to protect against unauthorized access.

Risk-Based Authentication

The platform is configured to automatically check whether a user has the app installed when they start an authentication. If they do have the app installed, it sends a push notification to their device. In this case, the information that goes back to the platform includes contextual data on where the code came from, and which device it was generated on. But if there’s no record of them installing the app on any device, an SMS or voice OTP will be sent. We should note that users can also manually override the platform and have their code sent via SMS or voice rather than push authentication, if needed.

How to Use Authy To Keep Your Data Safe

Ease Of Use

Twilio’s Authy is well loved by users and developers alike for its simple implementation and easy to use platform. The real benefit for users comes from the ability to sync and back up data to the cloud—meaning, if for any reason they need to authenticate using a different device, they can easily sign into their Authy account and instantly have access to all account tokens. This is only further exemplified by user reviews, which sing high praises about how easy tokens are to set up and manage, and about how fantastic the syncing and recovery feature is. For admins, because Authy is deployed in the cloud, it’s also very easy to set up and configure.

Pricing

While Authy offers flexible pricing plans that are tailored to individual business use cases and needs, the solution generally comes in three tiers: Starter, Pay-As-You-Go, and Enterprise. The Starter package comes at no cost for less than 100 authentications per month, and includes unlimited users, push notifications, soft tokens, OATH tokens, and support. The Pay-As-You-Go plan is priced on a per-authentication basis, and supports unlimited authentications and users per month. SMS/voice OTPs, push authentications, soft tokens, and OATH tokens are each priced at $0.09 per authentication, per month. Lastly, the Enterprise package is suitable for more than 10k users per month, and includes all features included in the other two tiers but requires a monthly commitment. Pricing for this tier is given by request.

Final Verdict

Twilio’s Authy is a powerful 2FA authentication tool that’s well-liked by users for its ease of use and central access to all connected tokens. What sets this product apart is its versatility, as users can leverage many different modes of authentication and seamlessly sync their tokens across multiple applications and devices. We recommend Authy for smaller teams and SMBs that have a particularly high percentage of mobile devices in their fleet, and are looking for a strong and seamless 2FA solution that works well across both desktop and mobile.


Published by, Expert Insights

Expert Insights is an independent cybersecurity research and review website, reaching over one million readers per year. Run by a dedicated team of business IT experts, our number one goal is to help organizations research and find the right solutions to solve their business problems.

Company Information
Category Icon
Category

Multi-Factor Authentication

Website Icon
Website

twilio.com

Founded Icon
Founded

2008

Headquartered Icon
Headquartered

San Francisco, CA

Deployment Icon
Deployment

Cloud

Suitable Icon
Suitable

SMBs, Enterprise

Twilio Authy Awards
Product Award Product Award

ManageEngine ADSelfService Plus

learn more
Top Rated Twilio Authy Alternatives
Product Image

ESET Secure Authentication

4.8/5

Product Image

HID Identity and Access Management

4.8/5

Product Image

Thales SafeNet Trusted Access

4.8/5

Product Image

JumpCloud Open Directory Platform™

4.5/5

Product Image

IS Decisions UserLock

4.5/5

Product Image

ManageEngine ADSelfService Plus

Do you work for Twilio Authy?