add 2FA for logging into 1Password

WilDieterenWilDieteren Junior Member
in Lounge

L.S.,

I would like to propose adding 2FA as an option for logging into 1Password. Definitely for OSX, possibly also for iOS.

Wil Dieteren

Comments

  • MeganMegan

    Team Member

    Hi Wil Dieteren ( @WilDieteren ),

    Thanks so much for the suggestion! If you'd like to learn why 1Password does not currently support this, please have a read through our security guru's blog post: Two Factor or not Two Factor.

    If you have any questions about this post, please let us know!

  • primeprime

    I can see maybe on OS X, but I don't see a point for iOS. The iOS (your phone) is the 2nd factor. So you'll get the 2nd factor on the same device that has 1Password.

  • brentybrenty

    Team Member

    @prime: While the phone itself isn't truly a second factor (since 1Password is running on it), Touch ID provides this on supported devices.

    I know it's come up before, but we may explore the possibility of using the phone as a second factor for the computer. Perhaps Continuity will be expanded in a way which facilitates this. Hopefully Apple will have some exciting news next month at WWDC! :)

  • WilDieterenWilDieteren Junior Member

    @Megan,

    Will have a read, have not gotten around to it.

    @prime

    You are right of course, would be no use on iOS, so just OSX then.

    WilDieteren

  • WilDieterenWilDieteren Junior Member

    @Megan,

    I have just read the blog post, which has failed to completely convince me there is no need for 2FA. Also, the link to the forum topic at the end of the blog post does not seem to work.

    WilDieteren

  • littlebobbytableslittlebobbytables

    Team Member

    Hi @WilDieteren,

    It seems (I wasn't part of this amazing team at the time) that we've moved platforms for our forums at some point since that blog post. The new URL for that thread is https://discussions.agilebits.com/discussion/9045/two-factor-or-not-two-factor

    This page may also be of interest, Authentication vs. Encryption.

  • RichardPayneRichardPayne

    I have just read the blog post, which has failed to completely convince me there is no need for 2FA

    What are your doubts?

  • brentybrenty

    Team Member

    @WilDieteren: I don't think the intention was to 'convince' so much as to 'inform'. Cheers! :)

  • WilDieterenWilDieteren Junior Member

    @RichardPayne,

    It is not doubt so much as wanting as many security layers as possible, 2FA would ad an additional layer.

    @Brenty,

    The blog post does try to make the point that 2FA is not really necessary, so there is at least some convincing involved in addition to informing, but this is mostly semantics I think.

    WilDieteren

  • brentybrenty

    Team Member

    It is not doubt so much as wanting as many security layers as possible, 2FA would ad an additional layer.

    @WilDieteren: Hear hear! I can get behind that. :):+1:

    The blog post does try to make the point that 2FA is not really necessary, so there is at least some convincing involved in addition to informing, but this is mostly semantics I think.

    I think you may be right. Sorry for the misunderstanding! :chuffed:

This discussion has been closed.