Feature for auto-concatenating fields (e.g. for OTP based logins)?

melorama
melorama
Community Member
edited July 2017 in 1Password in the Browser

I've recently started converting many of my 2FA enabled accounts (which previously used SMS based 2FA, and also do NOT support Google Authenticator based OTPs) to use the Symantec "VIP Access" 2FA OTP token system. I'm using the fantastic, open-source "vipaccess" command line tool to generate the auto tokens and OTP URLs so that I can use them in 1Password. It works great!

However, the downside to this method is that many of the sites which use VIP Access based OTP logins require you to login using a concatenation of your "PIN number" and the OTP code, instead of your password. For example, on USAA's site:

It would be great if 1Password had a special field that automatically (and dynamically) concatenates multiple fields into a single field, for use in instances like this. For example, this is my USAA login info in 1Password:

If there was a special "variable" field, where I could tell 1Password to generate the value for that field using the current values of other fields (in my example, the "PIN" + "OTP" fields, that would be super awesome for filling in passwords for sites like this.

Until such a feature is implemented, this is inconvenient enough that I'm starting to revert back to using SMS based 2FA codes for these sites, which kinda sucks...particularly in the case of Paypal, which often seems to delay the SMS codes for up to 10 minutes sometimes!

Hope you guys can consider this for a future release of 1PW.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @melorama: It's something we'll consider for the future, but it's not something we'll be working on in the near term. This has only come up a handful of times, as it's a pretty odd and rare case. (Also, kind of scary that the password has to be a static length.) So currently we're focused on login scenarios that impact a greater number of users. However, if you can store the TOTP in 1Password for it to generate (it looks like you can), you may be interested in the beta automatic TOTP copy feature. Hopefully we'll have that in a stable release soon, since it sound like it would make this easier for you (provided you disable autosubmit for that login). Cheers! :)

  • ppcharlier
    ppcharlier
    Community Member

    Hi !

    Wouldn't it be nice to put the TOTP generated code directly in the third password field of the form ? Some way to force 1Password to attribute that value to a named field ?

    Let's suppose this login form :

    The fields are username, passwd, lang, and secretkey, like this :

    Langue - Dfaut English (United Kingdom) Franais (France) Nederlands nl-NL

    I'd like that 1Password somehow find out that he has to put the code generated by the "secretkey field of its item property that is a TOTP code and put it in the "secretkey" input field of the form.

    Perhaps like this ? leaving a 3rd option for a generated password, or to solve custom forms at the same time, leaving the possibility to add other fields to the datas attributed to inputs when filling it and go ?

    I hope you'll do something about that, it would even serve on the https://my.1password.com login page, or maybe you did some magic in the webpage for the application not to remember the Secret Account Key :-) !

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Greetings @ppcharlier,

    It is something we would like to address as we all routinely use TOTP here at AgileBits, I just can't make any promises as to when it might happen. For those of us that focus on the extension and filling we've had a busy time with with future browser changes and working on how the extension will communicate with 1Password going forward. The work will also need to be cross-platform so it's partly about ensuring everything is correctly thought out and documented for consistency. None of this means it shouldn't happen, just that sometimes priorities can delay great ideas when they span larger numbers of the moving parts.

    I think it's safe to say though that everybody, both here at AgileBits and that use it (which also does include everybody at AgileBits) will be happy when 1Password can do more for TOTP usage.

  • Helmi
    Helmi
    Community Member

    Any news on that topic? I'd really like to see TOTP autofill here.

  • jxpx777
    jxpx777
    1Password Alumni

    Right now, we don't have anything new to share on this front beyond the automatic copying of TOTP values that is now available in 1Password for Mac. Disabling autosubmit for these Logins so that you can paste in the TOTP value after filling is the best approach for now.

This discussion has been closed.