Comment by Icyerasor
7 years ago
In my opinion, a crucial piece of information is missing from the discussion that unfolded here 4 years ago; still, this discussion comes up as a top result when searching for "authy telephone number required", and that is why I want to add something for current and future reference: The phone number is only needed to recover access to your encrypted data that is stored on Authy's servers.
If you're asking yourself whether Authy is trustworthy because they require you to provide a phone number for a 2FA-TOTP method that technically does not require it at all(!) and thus could pose a potential security degradation, check the FAQ about account recovery/passwords here: https://support.authy.com/hc/en-us/articles/115001950787-Bac...
Quote:
* The Backups password is never sent nor stored in our servers for your security
* Like the Backups password, the App Protection PIN (and optional biometric data) is never stored in our servers
* Like the Backups password and App Protection PIN, the Master Password is never stored in our servers
The question still is whether you trust those promises - but as Authy is backed by Twilio (thus lots of 2FA SMS are already processed by them), the chances are good those guys know what they do and do it responsibly.