YubiKey TOTP client support

Would it be possible for 1Password to implement support to function as a Yubikey TOTP client? Right now, YubiKey has a standalone client (which is actually pretty shoddy). There are certain scenarios where I would prefer to use a hardware MFA (in cases where true two-factor is desired) and so having 1Password obtain the TOTP code from the device would be useful.

Perhaps in the larger sense, there's a lot more integration that could be performed here. I know that others have requested support for using YubiKeys to unlock 1Password on the Mac/PC. The newer YubiKeys also support NFC, and so on supporting devices (Android now, iOS in the future) perhaps they could be used to unlock vaults in 1Password on mobile devices.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Drew_AGDrew_AG 1Password Alumni

    Hi @cobaltjacket,

    Thanks for taking the time to contact us about this! To make sure I understand, are you saying you'd like to be able to use YubiKey in conjunction with your master password to unlock 1Password, as a means of multi-factor authentication?

    Since 1Password is an encryption app, and not a hosted service using authentication, classical approaches to multi-factor authentication won't work for us because unlocking your 1Password data is not about authenticating to some service. If you're interested in more details, please check out this blog post: Two Factor or not Two Factor

    If I misunderstood your request, please let us know. Thanks! :)

  • edited September 2015

    The primary focus of my request is allowing the Yubikey to be used to generate TOTP codes in place of this software. They provide source code for the function on Github.

    yubico.com/wp-content/uploads/2014/02/Yubico-Authenticator.pdf

    The other function (unlocking 1Password) is a secondary request. I realize that 1Password is not an authentication service, but it could be as simple as "Is the requested YubiKey present? If so, permit unlock."

  • Drew_AGDrew_AG 1Password Alumni

    Thanks @cobaltjacket, I see what you mean now! It sounds like you want something similar to our current TOTP feature in 1Password, but using YubiKey.

    I can't make any promises of course, but I can let our developers know about your suggestion. Thanks again for letting us know! :)

This discussion has been closed.