Registered a Yubikey, but 1Password Android doesn't ask for it

Hello.

When I log in through the browser, 1Password asks for my Yubikey first. Only if I cancel that, does 1password allow me to pick TOTP to log in.

However, on the Android app, when I tried logging into my account, I was neither asked for the Yubikey, nor was I given the option to use the Yubikey. I had to use a TOTP to log into the Android app.

I use my Yubikey to log into GitHub on Chrome for Android, so I'm pretty sure my Pixel 3 supports Yubikey.


1Password Version: Android 7.3.4
Extension Version: Firefox 1.17.0
OS Version: Android 10
Sync Type: Not Provided

Comments

  • periperi

    Team Member
    edited January 19

    Hi @que6ae. Thanks for reaching out! 1Password for Android doesn't yet have support for security keys in our stable build, though we do have support in beta at the moment. . For now, you'll be able to use TOTP to sign into your account from Android. Keep an eye out for updates, though!

  • Awesome! Thanks!!!

  • ag_anaag_ana

    Team Member

    On behalf of peri, you are welcome! If you have any other questions, please feel free to reach out anytime.

    Have a wonderful day :)

  • Up one, like, up vote for this! Will be good to see 1password operate just like google advanced protection...login..
    Password...touch nfc key on phone...you're in! BTW and FYI I use 1password on the phone 98% of the time, would be interesting if mobile use is high to drive a Mobile first policy for 1password.

  • ag_anaag_ana

    Team Member

    Thank you for sharing your feedback as well @Hitch22 :+1::)

  • 1Password for Android doesn't yet have support for security keys in our stable build,

    For the Android phone I am always signed into 1P with the "only" security being a fingerprint...is that how others usually do it?

    I know I dont understand the ins and outs of the use of the keys for 1P. (I have 2 registered but on the laptop I haven't been "asked" for a key for awhile...maybe it is a trusted machine?)

  • andiAGandiAG

    Team Member

    Hi @jmjm,

    Two-factor authentication (2FA) from a security key or authenticator is only asked for the first time that you sign in to a 1Password app.

    The reason for this is the role that authentication plays in your use of 1Password. When you first set up a new device you'll be asked to sign in and authenticate (using 2FA if you've set it up), once authenticated, the 1Password app downloads a copy of your data to the device so that it isn't reliant on a connection to 1Password.com for you to be able to use your items.

    This data is kept encrypted and requires your Master Password (or biometric unlock, if you've set that up) to decrypt it. At this point there isn't any authentication taking place, it's about decryption.

    Hope that helps but let me know if you've got any further questions :)

  • Thanks for taking the time to reply @andiAG. It is the reference to Android doesn't yet have support for security keys in our stable build that has me a bit puzzled. How will that exactly work? Will it be the initial sign in on the 1P Android app that can require a security key (NFC/USB C)? (As I had written, I use the fingerprint to access 1P on my Pixel 3).

  • andiAGandiAG

    Team Member
    edited February 5

    Ah yeah, that's not actually true any more. As of version 7.4 of the Android app we now support the use of security keys. :)

    7.4 was released last week in a staged rollout (which as of right now has gone out to 80% of users). That means that after you set up two-factor authentication for your account, the next time you sign in to a new device or existing app you'll be required to authenticate using either a security key (if you added one), or a one-time password from an authenticator app. Following that authentication you'll continue to unlock the app using your Master Password or biometrics.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file