Disclaimer: This is another potentially incomplete article. I just want to share my knowledge and keep personal notes.
Context and background:
I love Multi-factor Authentication (MFA/2FA). I use it whenever and wherever I can. For most cases, I prefer using TOTP, as they are universal. I also love my YubiKey – but to me, that has slightly fewer use cases and is slightly less universal (since the backup method involves physically maintaining multiple keys – which I happily do, but prefer not to do all my 2FA through them). I use my YubiKeys primarily for U2F web-apps.
Anyway – Since I work in various capacities across multiple organizations, I have numerous (over 100) 2FA accounts that are currently in Authy. All the ‘migration’ techniques I found were insufficient at that scale.
REMINDER: Reasons to switch from Authy
Steps:
- Follow the guide(s) here to get Chrome Console output. (https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93#gistcomment-3240205) (https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93#gistcomment-2224133) (https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93)
- Once you have that output, modify the script to remove the QR code generation, by removing the last few lines of the pasted JavaScript `
let url = (new QRious({value: totp_uri, size: qr_size})).toDataURL();
console_image(url, qr_size);3. Copy all that to a text file
4. Run the following Bash script against the output to generate the otpauth links that can be easily imported into Aegis via their “plaintext” importer.
#!/bin/bash
input="/path/to/file"
while IFS= read -r var
do
if [[ $var =~ ^TOTP\ URI.* ]]; then
otpauth=$( echo -n $var | cut -c 11- )
echo "$otpauth"
fi
done < "$input"
5. Import the resulting text/file into Aegis, and be happy! (execute script, cat to file, import file into Aegis)