For some reason, Twilio has disabled the ability to install the iPad version of Authy on Apple Silicon Macs. With Authy Desktop also being discontinued, this means that there is no longer an official way to use the Authy app on macOS anymore. This guide is a workaround I found to trick sideloaded versions of Authy into signing in successfully, and using that with a sideloaded version of the Authy iPad app on macOS gives us the ability to use Authy on Mac again.
What's needed for this guide:
- An iOS/iPadOS device with Authy installed normally
- An Apple Silicon Mac with Authy sideloaded
- mitmproxy
- A decrypted and signed Authy IPA
- Technical skill and patience
mitmproxy is a tool used to inspect and modify HTTP and HTTPS requests, and it's needed so that attestation tokens can be dumped from a legitimate iOS/iPadOS device and used on your Mac. Install mitmproxy on your Mac through brew or another method shown on mitmproxy.org, and then trust the mitmproxy root CA on both your Mac and iOS device (https://docs.mitmproxy.org/stable/concepts-certificates/). On iOS, you must trust the root certificate after installing it by going to Settings -> General -> About -> Certificate Trust Settings and enabling trust for mitmproxy.
You need an iOS/iPadOS device for this step with a normal version of Authy installed from the App Store. Start mitmproxy with the "dump.py" script attached (mitmproxy -s dump.py) in a convenient directory where you'd like the attestation token file to be stored. Next, connect your iOS/iPadOS device to the proxy by going to Settings -> Wi-Fi -> (your network) -> Configure Proxy, switching the setting to Manual, and entering your computer's private IP on port 8080 as the proxy. Once connected to the proxy, open the Authy app, type in your country code and phone number, and hit Submit and Yes. If it goes to the next screen and "Logged attestation-access-token to file" appears on the mitmproxy console, the attestation token has successfully been dumped, and you can now close the Authy app, disconnect from the proxy on your iOS device, and shut down the proxy by hitting "qy" on your keyboard. Please note that the attestation token is only valid for 10 minutes and will need to be dumped again if not replayed within that time.
You need to find a decrypted version of the Authy app for iPhone/iPad, sign it, and install it on your Mac. No modifications to the IPA are necessary for this guide. I used a decrypted version of Authy 26.2.2 from my jailbroken iPad Air 2 and signed it with my Apple Developer certificate, but you should be fine using a decrypted IPA from the internet and signing it through a free developer account or signing service. Once Authy is sideloaded, proceed to the next step.
Start mitmproxy again in the same directory, this time with the "replay.py" script attached (mitmproxy -s replay.py). Connect your Mac to the proxy by enabling "Web proxy (HTTP)" and "Secure web proxy (HTTPS)" in System Settings -> Wi-Fi -> (your network) -> Proxies and set the address and port to 127.0.0.1 and 8080 respectively. Next, open the Authy app, and complete the sign-in process like you usually would. If all goes well and you have successfully signed in and decrypted your TOTP codes, you can now disconnect and stop the proxy, and Authy should be fully functional on your Mac. If you encounter an error saying the attestation token is invalid, re-dump it and try again.