OTP Integration
Comments
-
… now includes a simple one-step action to create a new section and add a new TOTP field right away.
A great improvement too!
Has anyone been through adding a TOTP password to Fastmail? It involves creating additional passwords to use with the same email address i.e. you can login in with several different passwords on the same account.
I ended up with a really messy process of creating separate new items on both Mac and iPhone that needed to be merged back together on the Mac again afterwards. It was annoying to have to enter three fields on the iPhone before I could save the new item and edit it to add a new OTP field.
Normally you would have created the login, synced with your phone and then add the OTP field to the login on the phone by scanning the QR code. In this case I had a form requiring the original password for the account, and a new "base password" too. I selected Not Now when 1Password offered to save it because I didn't know which password would get associated with the new item. If there are other setup processes this convoluted then there needs to be an easier way to use the Mac and iPhone in parallel to set up the login item with a OTP field.
Just wondered how common this type of cumbersome setup use case is?
0 -
Hi @Penelope Pitstop,
A great improvement too!
I'm glad you like it.
. In this case I had a form requiring the original password for the account, and a new "base password" too. I selected Not Now when 1Password offered to save it because I didn't know which password would get associated with the new item.
Have you considered clicking on the gear button on the left side to select Edit Login in 1Password, it gives you a chance to review the changes before saving it.
Make sure you select the Update Login first, so it edits the current Login instead of a new item.
0 -
Have you considered clicking on the gear button on the left side to select Edit Login in 1Password, it gives you a chance to review the changes before saving it.
Thanks, I didn't know that option existed.
Make sure you select the Update Login first, so it edits the current Login instead of a new item.
I'm not sure I explained myself very well. The issue is that this Fastmail process involves creating a new alternative login, not updating the original one. The creation form for the alternative login requires both a new password and the password from the original. Selecting Update Login is therefore inappropriate because we're trying to create a new login and not change the original.
I tried it again and it turns out that 1Password does the right thing when you save the new alternative login anyway i.e. it puts the new password in the password field and puts the original password in the Web form details section. :)
I raised this point because this is the first time that both my Mac and iPhone have been involved together in the login item creation process. Before TOTP password fields you created new items using a single device only. So if two devices need to regularly work together to create a new login then they must work together as slickly as possible.
One difficulty was finding the new login on the iPhone because you are never sure when the sync has finished and might not remember the name you chose for the item on the Mac. Are there any plans to allow sorting of the item lists in reverse chronological order on iOS? That's how I normally look at my All Items list in 1Password on the Mac and files in the Finder etc.
Hopefully Fastmail's convoluted process is an oddity. Indeed their help pages acknowledge it is cumbersome and mention plans to change it to something simpler in future. I must admit that the setup process for TOTP passwords on all my other accounts involved adding the TOTP field to a login that already existed. If sites start requiring these fields during the account setup phase then more work will be needed to make the Mac and iPhone work together effectively.
0 -
@MikeT my suggestion for making this work with a Mac involves an "extra" layer of security in that the OTP should only be shown and autofill if a corresponding mobile app is within Bluetooth range. One of the points of 2FA is that you have to have something you know (your password) as well as something you own/have. By having OTP available at the same level of security as the basic password (even though 1PW is already crazy secure) defeats some of the purpose.
I understand that this is slightly paranoid, but I could argue that 1PW itself is geared towards the paranoid :)
That said, OTP in 1PW has been a much awaited feature by me and I am extremely exited to be able to play around with it in the beta. Thank you all so much for your hard work.
0 -
Hi guys,
@“Penelope Pitstop”,
I use Fastmail and I just looked at it, I see what you mean now. I’m going to try to enable it in the near future and see how we can improve that as I (and you) suspect that it might be more common in the future.
One difficulty was finding the new login on the iPhone because you are never sure when the sync has finished and might not remember the name you chose for the item on the Mac.
Yea, I know what you mean. I often have to do a double-take because I can’t remember the name since 1Password auto-saved the data for me.
Are there any plans to allow sorting of the item lists in reverse chronological order on iOS? That's how I normally look at my All Items list in 1Password on the Mac and files in the Finder etc.
No plans but it is in our tracker for sure. I’ve added your vote to the list.
Request ID #: OPI-481
@MikeT my suggestion for making this work with a Mac involves an "extra" layer of security in that the OTP should only be shown and autofill if a corresponding mobile app is within Bluetooth range.
That’s still in the request tracker. Right now, this is just the starting ground for us. It’ll get more powerful over time as we figure out the next steps. One baby step at a time.
That said, OTP in 1PW has been a much awaited feature by me and I am extremely exited to be able to play around with it in the beta. Thank you all so much for your hard work.
I’m glad you’re enjoying it so far and thanks for the kind feedback on our work. We still have more to go and we can’t wait to share more with you guys.
0 -
I really like this feature and I appreciate the counter changing from a progress bar to a circle with a countdown.
One thing I would like to see is potentially being able to do more with the extension and OTP. I can auto fill my login, but the second page requires a bit more navigation to get back to my OTP. Maybe a today widget or an OTP action extension could allow for slightly easier access?
Maybe an option to save the OTP to the clipboard could be available so that when I log in, I quickly grabs the OTP, if the countdown is close, maybe it could automatically update the clipboard to the new one. I'm not sure if that is truly secure or even feasible once the extension is dismissed, but it would be really useful to me.
0 -
Hi @schiguoi,
I really like this feature and I appreciate the counter changing from a progress bar to a circle with a countdown.
I'm glad you like it.
Maybe a today widget or an OTP action extension could allow for slightly easier access?
I wonder if we can provide the 2FA code next to the Login automatically in the extension rather than requiring you to tap on the (i) logo to view its details?
Today widget would be difficult because your data is encrypted at rest and to even make this possible, we would have to provide some kind of persistent and decrypted data for the widget to pull the data from without asking for your master password.
I'll file an improvement request in our tracker to see what we can come up. Thanks for sharing your suggestion with us.
0 -
@schiguoi
look for otp auth in the App store. There you have an widget for all of your accounts until 1password support all things that are nessasacry.@ team
how can i use this feature with the latest windows beta version ?0 -
If you're using the Windows beta, you've likely noticed that One-Time Passwords have been added there as well! Here's a post in the Windows forum that discusses how to add One-Time Passwords to 1Password for Windows (beta). I hope this helps, but we're here if you have any further questions. :)
0 -
Hey all,
I'm seeing a weird issue where after adding an account, let's pick Google for fun, confirming the scan was correct by entering the current code, and backing out of the OTP screen to view my account, the OTP field is gone. It's as if I never set it up. I then have to go back in and scan another QR code to add the account, only to have the process repeat itself.
DERP.. I figured out the bug (I think). Removing the custom name for the section housing the OTP caused it to start working again.. Adding a title to the section seems to e OK, for now. Weird.
0 -
When will this feature land in 1Password for OS X?
0 -
Check the current Mac beta if your interested.
0 -
@thightower where can I find it?
0 -
Check the beta forum for info. To update open the app preferences and go to the updates tab. Enable betas.
If you on the MAS version its still doable but requires some extra work. Data file movement etc. If your still interested reply back.
0 -
@thightower I am interested in it - I'm currently using MAS version (using Dropbox sync).
0 -
Hi @spitf1r3 ,
Thanks so much for your interest in the 1Password for Mac beta! We'd love to have your feedback. Here's what you'll need to do:
- In 1Password, open the Preferences > General tab and uncheck the option to ‘Always keep 1Password mini running’
- Quit 1Password
- Go to downloads page, click the option to 'Enable betas', and then select the 'Download beta' option below the 1Password for Mac heading.
- The webstore version will be listed as
1Password 5in your /Applications folder. - When you open 1Password 5, it will detect your file in Dropbox and prompt you for your Master Password.
This should get you set up with the beta. Please let me know if you hit any snags in the process.
0 -
Thanks @Megan was a little tied up.
0 -
:pirate: I think you're missing a comma there as I'm sure she wasn't tied up. :P On her behalf, you're welcome.
0 -
@Megan I have one more request - which is off-topic, but I could not find a suitable place to ask about that anyway:
Agilebits forum is listed in Tapatalk's (an app, that eases browsing various forums - https://tapatalk.com) directory, but many features seem not to be working. Can you engage someone from the forum staff to take a look at it (probably it's just a problem with outdated Tapatalk plugin)?0 -
Hi @spitf1r3 ,
Please see this discussion for an explanation of the situation with Tapatalk.
0
