Converting Fidelity’s Symantec VIP token to TOTP to use with Authy

September 7, 2020 fidelity Authy [investing]

This is a quick write-up of switching the Fidelity authentication app from Symantec VIP to Authy based on a reddit post1 that explained how to do it for Charles Schwab.

Steps:

  1. Install Python and the Pip package manager

  2. Install python-vipaccess. On the command line you’d execute something like this:

    pip install --user python-vipaccess
  3. There are several options for vipaccess. For Fidelity this worked for me:

    vipaccess provision -p -t SYMC
  4. This will return a “credential” that looks like this:

    otpauth://totp/VIP%20Access:SYMC66446222?secret=WH5KRB7P3CL33MXJG7APBWII5BITYG2K&digits=6&algorithm=SHA1&issuer=Symantec&period=30
  5. Encode this string into a QR code and scan that into Authy as a new account. There are several QR encoders, I used this one by Patrick Wied:

    https://www.patrick-wied.at/static/qrgen/

  6. Finally, call Fidelity and tell them you need to enable VIP access on a new phone. Give them the SYMC number given by the results of the vipaccess command above. In my example it is SYMC66446222.

I’ve been using Authy in place of Symantec’s VIP app for several months. I’ve had no problems with access and I feel more comfortable I can access my account if I break or lose my phone.

In addition to Authy, oathtool also can generate tokens on the command line. Install it with Pip and then using my example credential, generate the token like this:

oathtool    -b --totp WH5KRB7P3CL33MXJG7APBWII5BITYG2K