Hello. I’m a Lastpass user considering 1Password (1P). I like the UI and the app very much, except when it comes to 2FA (two factor authentication). I have looked at posts and 1P does not provide an option for users to require 2FA with every sign in. Lastpass does. Will 1P reconsider?
In a world of smartphones that are easily swiped (or accidentally left behind) and where we are constantly subject to video surveillance as we go about our lives — such as when typing in our master password as we are in a restaurant — I want an option where I can be confident that no one is getting into the 1P account on my phone WITHOUT ALSO having access to the yubikey in my pocket. As someone who has accidentally left my phone behind at places, I don’t like having to hope that my phone screen darkened before it was picked up by someone else or depending solely on Touch ID to protect my apps.
This fall, Apple and yubikey will allow for physical yubikey entry on iPhones with Fidou2f as 2FA, when the new iOS yubikeys come out. Indeed, both 1P and Lastpass are partners with that program already.
It will then be possible to configure password managers in such a way that to get into the app on an iPhone, you would need both the master password and one of the 3 yubikeys I plan to own (one on my key ring and two backups housed in two separate locations) and with NO other means of access or recovery. (At least for online access). I am willing to own the risk of non-recovery if I lose all 3 yubikeys, because I very much like guarding the front door of a password manager on a portable computer (smartphone) with more than a master password that can be so easily shoulder surfed or otherwise noticed. Others may not. But I’d at least like the option.
Otherwise, I confess to not really understanding 1P’s current structure for 2fa. You only require it on the initial sign in on a particular device but don’t require it thereafter. But that does not seem to do much more than what the secret key already provides....
What say ye?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided