Jump to content

HOW-TO: Migrate off of Authy's proprietary system and extract your OTP Secrets

I figured I would do a quick write up on this as I just utilized this method to backup all of my OTP's to another service while still using Authy's.

Step 1.) Download Google Chrome (and enable developer mode)
             Doc on DevMode - https://developer.chrome.com/docs/extensions/mv3/faq/#faq-dev-01
Step 2.) Download Authy Extension https://chrome.google.com/webstore/detail/authy/gaedmjdfmmahhbjefcbgaolhhanlaolb?hl=en
             It will claim it is deprecated, but just continue as normal and validate your account with another device and authenticate with your master password to unlock all of your OTP's.
Step 3.) Open chrome://extensions/?id=gaedmjdfmmahhbjefcbgaolhhanlaolb in chrome. There should be a backpage listed there, if the application is running then main.html will be displayed. If not, make sure to load the extension and have it running on your Desktop PC.
Step 4.) Click main.html and make sure it is in console mode.
Step 5.) C+P the following Code into the console:
 

appManager.getModel().forEach(function(i){
  if(i.markedForDeletion === false){
    console.log('otpauth://totp/'+i.name+'?secret='+i.decryptedSeed+'&issuer='+i.accountType);
  }
}); 



Step 6.) Profit - you should get outputs similiar to the following: otpauth://totp/WebsiteHere - Description?secret=YOURSecretOTPCodeStringHere&issuer=VENDOR/SOURCE (MAY VARY)
Step 7.) Copy and paste your secret strings into bitwarden, lastpass, 1Password, or wherever you are migrating too. (your choice). - Or simply use this trick to backup your codes if you didn't from the get go.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×