Manage security keys, MFA options and phone numbers

Hi All,

this a feature request. I would like to manage MFA and self service password reset (SSPR) options within 1password. This would be give a good visibility for:

  • "Where do i have the security key configured I just lost?"
  • "I am switching phone numbers but on which sites do i have the phone number configured?"
  • "I lost my phone with my MFA OTP app, which accounts did i use it with?"

-> Not only gives it visibility but also allows it the user to ensure a proper recovery option is available. E.g. "Watchtower report: You have only 1 MFA option configured -> this is a risk for account recovery"

I would like to store the following information on logins:

  • Configured MFA options
  • Configured self service password reset options

Example, I have:

  • x4 FIDO2 security keys
  • Several email addresses (already in 1password)
  • A mobile number
  • A MFA OTP app on my mobile phone

On logins I would like to have a dedicated option for MFA options and SSPR options. This would allow me to link MFA or SSPR options to the login.

The linking would require a new object type "MFA/recovery" which would allow me to create objects for my security keys, OTP apps, mobile numbers, hardware tokens....

As for now I could make a MFA and SSPR section to a login but its only text. What we need is a good search function which might be easier with linked objects. (e.g. "Where do i have the security key configured I just lost?")

Thanks,
Alex


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:security keys

Comments

  • AlexFilipin
    AlexFilipin
    Community Member

    I ended up a with a "MFA" and "Recovery" section - adding the different items as label/field entries. As mentioned above their is room for improvement since everything is text right now making it hard to search or rename etc.

  • Hi @AlexFilipin,

    Thanks for taking the time to write this up for us.

    At the moment, we do not plan to add more field types as you can use either the text, password, one-password custom field types to create your own custom fields. In addition, you can link items if you want, create a new Password item that is for your OTP app on your mobile device and then link your other items to it under the Related Items section like so:

    However, what we do plan is to add an advanced search UI, so that you can find all items with specific fields, something like this from the macOS version of 1Password:

    That way, you can quickly find all of your item related to MFA or security key.

    Another thing we can do to help is autocomplete existing field names, so you don't end up with inconsistent field names.

    We're also working on custom templates that is currently available as a beta feature in 1Password Business plan that let you customize the template with field names and types you want to reuse every time. We'd love to bring this to everyone as soon as we can.

    There are a lot of improvements we plan to do on top of these while simplifying the process, so that it is intuitive to use.

  • AlexFilipin
    AlexFilipin
    Community Member

    Hi Mike,

    thanks for the response, after further testing even the simple search seems sufficient.
    Using related items does not give me any added value, because the structure from sections is lost.

    Another thing we can do to help is autocomplete existing field names, so you don't end up with inconsistent field names.

    That would be excellent!

    We're also working on custom templates

    Sounds promising, this together with the auto-completion should cover my requirement.

    The solution, however, is purely self-initiative, it would be nice if 1Password encourages users to better account hygiene. For example with a hint that always two MFA methods should be configured to ensure recovery. I'm sure you could think of something good here, but I don't know the perfect solution.

    Thanks,
    Alex

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks for the feedback! Certainly something we can consider. :)

This discussion has been closed.