Uphold.com, a cryptowallet site, requires that you use the Authy app for 2FA, but I'd like to use 1P, since I use it for dozens of other 2FA sites.
They seem pretty committed to this. Authy even has a guide on their site about 2FA on Uphold. It reads:
2FA at Uphold is powered exclusively by the Authy 2FA API.
To access your Uphold account you must use the Authy app.
1. the codes generated by Authy for Uphold are seven digits, not six, and
2. the countdown is 20s, not 30s, and
3. each time you tap the Uphold item in the Authy app, the countdown resets, such that you can keep the same code valid indefinitely by tapping it before the countdown expires
All three of these things seem to indicate a different standard, especially (3) which (I think) means that the Authy app is actually communicating with the Uphold site to align the validation date of each code.
This is quite different from normal 2FA codes, that are based on the system clock and reset every 30 seconds.
Then again, at the login screen when you're prompted to enter a code from Authy, it states:
In an effort to ensure member accounts remain secure, SMS has been suspended. Our team is working to improve the 2FA process and apologize in advance for the inconvenience.
To me, this reads that they understand the problems with this method (for one, Windows phone users are left out), so maybe I can hope for an implementation of the standard 2FA system that 1P uses....
Seems like in the meantime I'll have to use Authy just for the sites they were able to wrangle into their API, right? I'll also reach out to Uphold to allow for standard 2FA codes.
Could Agile Bits implement the Authy API in 1Password? I guess, assuming Authy has a more secure variant of 2FA, this would be the ideal solution!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided