By default, Authy allows its two-factor authentication (2FA) mobile application to be setup on more than one device. In order to install your Authy account on a new device, you are required verify ownership of your account via SMS. Once your Authy account is installed on a new device, it generates the same, valid 2FA codes. Therefore, it is important to prevent unauthorized installations of your Authy account.
Unauthorized installations of your Authy account can be achieved if an unauthorized person ("attacker") obtains access to your SMS messages (e.g., phone number porting). To prevent an attacker from doing this, you can disable the multi-device option by doing the following:
Settings > Devices > Allow Multi-Device > Turn OFF
Note: you can temporarily enable this setting when migrating to a new device (for example, upgrading your phone) but must disable it after the new device is configured if you want to continue to prevent the multi-device support.