Open standard 2FA with QR codes
Could we please move away from the Authy only 2FA implementation currently used and provide standard TOTP and QR codes?
This would work much better for people who already have a stack of 2FA accounts in other solutions, remove reliance on a single application, fix issues with support (eg. Windows Phone), remove the need for a phone number (important for younger users I'd imagine) and generally increase flexibility and usability of 2FA for everyone by not locking us into a proprietary implementation.
Absolutely. TOTP would let people use applications they already trust, like Google Authenticator. If they use password managers that support TOTP like 1Password, they don't have to use two applications to authenticate. Using non-standard 2FA makes users more dependent on your third-party provider, a relative nonentity who seems to think association with cryptocurrencies makes them look more trustworthy and not dodgy af. (In its most charitable reading, this calls their marketing competence into question.)
I tend to use 2FA everywhere, but honestly, I'm concerned that Authy, in particular, makes me less secure than 1FA using a long, unique password from my password manager. It gives me new risks to manage, and no real information to help me quantify that risk. (The guilt-by-association wrt cryptocurrencies is suggestive and concerning; nothing is objective and mitigating.)
I'm staying away from your 2FA solution for those reasons. Use standard TOTP, let me choose my provider, and I'm on it like a shot. (Or add FIDO/U2F so I can use my Yubikey.)
I recently had to deal with Authy's terrible customer service. One week in, and my case is still ongoing. I really hope that Twitch can ditch these clowns and use the standard TOTP method for two factor authentication. Or at least allow it in place of Authy.
+3 and please vote for the similar wishes too:
I'd give all my votes to this if I could give more then 3.