U2F support for Yubikey

2»

Comments

  • brentybrenty

    AgileBits Team Member

    That does sound really cool. It's only a dream now, but maybe someday. :chuffed:

  • This would be great. Some type of integration would be great to consolidate personal authentication processes.

  • brentybrenty

    AgileBits Team Member

    Thanks for letting us know you'd like additional authentication options for 1Password Teams. Cheers! :)

  • I too would prefer to have hardware u2f support. I am not a team member but would pay extra to have it as a third level. Apple has finally opened up nfc api for third parties. All that awaits I think is for third parties like Agile to build in support to their apps along with yubico. I know these things take time but others have gotten this taken care of. I will give it three more months and if nothing changes I will be forced to change providers. Please, please, work on this.

  • brentybrenty

    AgileBits Team Member
    edited January 12

    Just to clarify, it isn't necessary to post the same thing in multiple places (as it doesn't count as an extra "vote" or anything). I don't see it happening in "three more months", but thank you for letting us know it's a feature you'd like us to add in the future. Cheers! :)

  • I'd like to add my voice to those calling for 2 factor authentication with U2F via Yubikey. I was a bit confused about some of the earlier comments regarding the strength of 1PW's encryption. This isn't really the point. All the encryption in the world won't protect you if you've been duped into entering your master password on a phishing site. U2F protects against phishing because the URL of the genuine website forms part of the protocol so the brower simply won't transmit the one time password to a fake site making it pretty much phishing-proof authentication.

  • LarsLars Junior Member

    AgileBits Team Member

    @petalhanger - thanks for weighing in. :) As mentioned in previous replies, we are looking into adding support for U2F, but I've nothing tho announce on that front just yet.

  • I would love to see U2F support for example in combination with one of the crypto hardware wallets.

  • rickfillionrickfillion Junior Member

    AgileBits Team Member

    Thanks for your feedback @mrgreen.

    Rick

  • Wish 1Password for Mac could support yubikey authentication.
    As I have a long enough Master password, in iOS, I just need to re-enter it by every reboot, and daily authentication could be done by fingerprint
    But in Mac, it is a nightmare, every daily usage require a long keyboard work.
    The mac login process could be shorten by yubikey PIV mode(use yubikey and PIN to instead of normal password), if yubikey support for mac could be done, it should save me lots of time.
    Don't care it be implemented by U2F or PIV mode, it saves time!

  • Hello everyone,

    Id like to see the Yubikeys, certainly the newest Yubikey 4 also supported, like it is for other minimalist password managers.

    It could even offer features to make it friendlier for people not really of "Guru" status concerning x509,PGP etc.

    XCA is rather complete for generating, but it lacks compatibility on my system for a reason I ignore. I'd need 1Password to generate CA, Intermediate and Certificate for company internal use (mobile deployment, profiles management, ....) I 'm never quite totally sure about the extensions I must add, which are recommended, mandatory for a particular feature etc. Till now, I haven't found a single well clear and for me readable ressource for me to learn this. Certainly not the Help feature of the Server.app on macOS, and even not in expensive books I bought about learning to configure it.

    At first, maybe yet just to protect the 1Password local storage on the computer. Or to unlock when you don't have TouchID on your not-brand-new-macbookpro

    Or for the OTP feature in the items. to add other types of 2nd factor to the skills of 1Password

    I'm still experimenting with Duo and pam_yubikey and Saaspass, just to see what I can do with tools provided for free with an active directory, crl generation, auto-requests signing, etc. I'd like to see the field of possibilities it can give

  • LarsLars Junior Member

    AgileBits Team Member

    @ppcharlier - Thanks for adding your voice to those looking for this feature. :)

  • brentybrenty

    AgileBits Team Member

    @bigboyq: Likewise, thanks for the suggestion! :)

  • IMHO the biggest problem with U2F in 1password would being able to support backup keys. Otherwise it would be simple to just encrypt the internal data using the key's response value.

  • brentybrenty

    AgileBits Team Member

    Indeed, there are a lot of factors to consider. We want to make sure if and when we do something in this area it's a win for users, both with regard to security and usability!

  • Hi,

    There are a bunch of Password Managers which already support Yubikeys: https://www.yubico.com/solutions/#password-management
    Also it's a corporate standard in such companies as Google, Facebook, etc.
    As an active 1Password user I hope it will get higher priority in your backlog :)

    Thanks,

  • BenBen AWS Team

    AgileBits Team Member

    Thanks for the feedback, @ell. We don't have any plans to support the use of Yubikey with 1Password at the moment. We have a fairly in-depth discussion happening about MFA / 2SV in regards to 1Password here:

    Why not use 2 factor authentication to secure my 1Password Vault? — AgileBits Support Forum

    You may be interested in reading through that thread.

    Thanks.

    Ben

2»

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file