Facebook Icon Facebook Icon Twitter Icon Twitter Icon Linkedin Icon Linkedin Icon Blog Icon Blog Icon Checkmark Icon Checkmark Icon Small Checkmark Icon Small Checkmark Icon Small Checkmark Icon Small Checkmark Icon Clock Icon Clock Icon Cloud Icon Cloud Icon Cloud Upload Icon Cloud Upload Icon Compass Icon Compass Icon Medium count 1 Icon Medium count 1 Icon Medium count 2 Icon Medium count 2 Icon Medium count 3 Icon Medium count 3 Icon Medium count 4 Icon Medium count 4 Icon Medium count 5 Icon Medium count 5 Icon Medium count 6 Icon Medium count 6 Icon Medium count 7 Icon Medium count 7 Icon Medium count 8 Icon Medium count 8 Icon Medium count 9 Icon Medium count 9 Icon Medium count 10 Icon Medium count 10 Icon Medium count 11 Icon Medium count 11 Icon Medium count 12 Icon Medium count 12 Icon Medium count 13 Icon Medium count 13 Icon Medium count 14 Icon Medium count 14 Icon Medium count 15 Icon Medium count 15 Icon Device with a checkmark Icon Device with a checkmark Icon Device Icon Device Icon Documentation Icon Documentation Icon Dollar Sign Icon Dollar Sign Icon Extend Icon Extend Icon Eye Icon Eye Icon Gear Icon Gear Icon Globe Icon Globe Icon Graph Icon Graph Icon Guidelines Icon Guidelines Icon Laptop Icon Laptop Icon Layers with checkmark Icon Layers with checkmark Icon Key Icon Key Icon Lock Icon Lock Icon Paper Airplane Icon Paper Airplane Icon Pencil Icon Pencil Icon Phone Icon Phone Icon Reliability Icon Reliability Icon Reset Icon Reset Icon Shield with Checkmark Icon Shield with Checkmark Icon Timer Icon Timer Icon Tools Icon Tools Icon Tutorial Icon Tutorial Icon Upload Icon Upload Icon User with Checkmark Icon User with Checkmark Icon User Icon User Icon Wallet Icon Wallet Icon Case Study Icon Case Study Icon Video Icon Video Icon Webinar Icon Webinar Icon White Paper Icon White Paper Icon

Authy Security Issues

If you found an issue with Authy or any of it's products we appreciate your help.

This Page explains how we handle security issues and how to contact us.

How Authy approaches security issues.

  • First we want to make it clear: Authy Inc, will not take any legal or intimadatory action for reporting security vulnerabilities. We ask you however to be responsible and avoid destroying, tampering or doing any action that might hamper the service or disclose private information of others.
  • We will make an effort to respond as fast as possible. We take security seriously, this means we will usually respond within 10 minutes.
  • We'll immediately start working on reproducing the issue. Once we do, we will contact you to let you know. If we can't we will contact you to try to get more information.
  • We do not require a proof of concept exploit or any proof of exploitability to fix a possible vulnerability. If you believe you found an issue on Authy but you're not sure, e-mail us anyway.
  • Once we figure out the issue, we'll come up with a plan to fix it. We will communicate with our plans and keep you involved during the whole process. We know it's important to you that the issue is fix promptly. It's important for us too. Our usual turnaround is between 6 hours and 2 days. However depending on the issue it might take longer.
  • Once the issue is fixed we'll deploy the patch and inform our customers. Before publishing details about the vulnerability however, we try to wait 2-5 days to allow everyone to patch depending on the severity of the issue.
  • After 2-5 day's we will publically post details of the issue on our Blog. If you wish to be named we will contact you to ask for your approval. If you want to remain anonymous, we'll also respect that.
  • We appreciate you disclose the issue in a responsible manner. At this point we don't offer cash prices or rewards, but we usually will follow-on with you and send you a reward or a free upgrade.

Contacting US.

If you have any questions or doubts, please don't hesitate to contact us at [email protected]

PGP Key

            -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)

mQENBFERby8BCADDlB6jDccXphDoBAwwMJ3eHKeVEJwnZ9RkqW/nDLG0JxCSlVZA
+gTcoljZcA8NOi/wqXqg8U7ZpouXzAok/2md19mz8uUbQ1XaBxJJfSt4P6MlRKwa
fnQTpfGXTdPiE4hsp0NmP/bVrfI1rvwjBjQp+4LBVROnBb2nxZSxuZwKFbdvF/PK
cXhB+H6vCdaQdXWMUXs1PPBJk0BP0kdWHkhSE84OKrE2Qh5/xzcxndL7Bm6FHP/Z
ozEZQlWM0v1b44o9ynHvcSJOubzuLGXlsD11WFAmgcaYWOHpsBTW+292aaOj2iII
GLSkslwZRNb5VCDKWcMMjBysCUNKQ9nUwFKlABEBAAG0I0F1dGh5IFNlY3VyaXR5
IDxzZWN1cml0eUBhdXRoeS5jb20+iQE/BBMBAgApBQJREW8vAhsvBQkHhh+ABwsJ
CAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQ683xut8CBhj/LwgAwywT+yms0qzl
/rr9RuVN/FUgZnmmymnEBvjmunfs3XXEZJBoWAundiXoAyJgWejeYAUY4NfUOIP+
QnHbBuBDHYmnDli2MH8E/kiCoUzcHsu92zFNCys1jNFyY7O+wQCoD3Md1ikICdr3
VF/wr8XOXcFrxszNDXocNKx31CCFrouZZI154CW3DlZ3nDptx/XIUnx18x2FGFdh
htNPvj2CSKQgZ977wBFEA+tpfo3m8IDRTI80yq7aGkKQeGVTu4S6j3zFHvOpR772
VWtDeomngwC3yIRHGu+WZOyVHO9CHqGyPKPKtcgaFkEGmIx3tKXVO66AYgpQJIRr
9upZyd9vIbkBDQRREW8vAQgA3mwg1fqI991XkJLn0kn9UfJ9NNkZh0yIK2DW557z
MpS6A19KGKkdQP/LBlSKOojQCjZ0Bma6vE5NIo9QvHeexXToeG8umTNOwWv0vMVb
9aJ20hgU+crAl4ky5imLkIM/nFmHJXFuBTgJOxPqCQKlMY41vrv98NV0TfY2+kfV
64Y9Mk/S5S5cRyX2xsnJaajIjDWLdWPQO5Nt+V5PGBmQuxq4Tn3jD16wWRmqJJnK
mSHE+PeOWzKdTyGPSHQ8JqLJQkmG7lTU8MiBYSZE/Qo8azHf0b9/1rqpna23zuWR
tNeTpIoIHGF/xxhdgQnpeTHHk/0lkvnxKqC4YIOFxzUbwQARAQABiQJEBBgBAgAP
BQJREW8vAhsuBQkHhh+AASkJEOvN8brfAgYYwF0gBBkBAgAGBQJREW8vAAoJEFd2
z/vDFKqtpIcIALKvI4HflScLnGE553Wnio3iCnFiMZRw7tT+q+tjXyo4wtqD7LPq
7jc4hgzW6B0giJ+V8q3474Y3QXnOuNnHlrX+WgXbRuF2l9bzf7SZWZei9eJEjpMl
+GJmulKT0ozJVRyND5DZRBYV1+8YDCWygkwiyW7WdNKwMn+DqlM+27qJ5svWW08r
K5U8wk9WpNkfgfTG1Y6abxhhIbwb6Ub+n1apqdaJEZNAdqrjI/C0IMozW7q/bMdf
GDxxO2iyY5yIPeBtLcSRNIfCptTwvFLXwVjqzizSfILt+hPAMBrmeLLqxpU1jv6k
EnciupZFN6AtI8jGAeYWEc8S0gu5eABt+SIfwwf8Cw8RmXxhYVhSJUHCMS5FhSYy
dcWOYMZgOIABxT+GLIWKg6hPWdRZICe/kyNOz0/GQsSo1oR78joXraNhGnvDj2nU
12T35G/nAD2NSjePV6VSvjXeAQOyKg9r+xOPsTzuT4sFL6SvtEdTZBWVrgybOhWO
fptdJr3zVfKq5icGN4hUhsncSScryuNlzQ7cjIk6T9gjT9m45FXRb/Fp2vcPclMT
jvCCdEAg44v5dXTdfBDENZBDyIWoGhxOoLi5e91xPBrqt9Mhbs1qMmDlkwCyukQY
gzq7zkrsZ9AKJMkPPXXM+bDb5clXOKfqmZkomWxUtgFxF6XOUmtZTTDtbw5txQ==
=hg7Q
-----END PGP PUBLIC KEY BLOCK-----