How does 1Password determine that 2FA isn't being used for a login / website?

johncclayton
johncclayton
Community Member

I've been going through the list of accounts that don't have 2FA enabled, and I'm curious to know how 1Password will work out how I've enabled 2FA. Is this some kind of nightly process that happens or am I suppose to somehow tell it that I've enabled it?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:2fa

Comments

  • Neither. :) 1Password (generally) knows which sites support TOTP. If you have a login saved for a site it knows supports TOTP but you do not have a TOTP field on that item, it’ll get flagged.

    Use 1Password as an authenticator for sites with two-factor authentication

    I hope that helps!

    Ben

  • aniforprez
    aniforprez
    Community Member
    edited October 2018

    1Password uses the database from twofactorauth.org and seems to check if a login for a website is in one of the list of domains. It does not know if 2FA is enabled for a site especially if you use external auth things like SMS or Google Authenticator. It only knows FOR SURE that 2FA is enabled if you use their TOTP field.

    Ben in the future can you also maybe add all websites that have 2FA option in any capacity and allow us to check if we've enabled it through SMS or an external service? Is that feasible?

  • That may be something we can look at in the future. :)

    Ben

  • fabx
    fabx
    Community Member

    Oh wow, I just checked the 2FA-feature, because I wanted to know what TOTP-field you are talking about.

    It's really awesome, I always avoided to use 2FA because I was afraid I could lose my authentification device. I didn't know 1PW has a built-in 2FA and fills the OTP without any hassle. Great work, really cool feature.

  • Thanks for the kind words, @fabx. :)

    Ben

This discussion has been closed.