How to set up MFA/OTP for Facebook in 1P Families?

abandonedbrain
abandonedbrain
Community Member

I'm trying to be a good boy and set up MFA on all sites which provide it. So far I've had no issues configuring this with the Mac version of 1Password (I subscribe to Families, and my work provides a Vault via Teams, as well). However, I'm having the darnedest time getting 1P set up to do Facebook's site.

The only way I can see to do this on FB is via an App Password, which I plug into 1P as an OTP per the tutorial on this site. However, this does not allow me to log into FB. I've done the setup when logged into FB in Chrome on my Mac, but it fails logging in on any of my devices, including Windows 10 and iOS.

Is there a "preferred" way to do this for FB? Thanks for any help!


1Password Version: 6.8.7
Extension Version: 4.6.12.90
OS Version: macOS 10.12.6
Sync Type: Families

Comments

  • Lars
    Lars
    1Password Alumni

    @abandonedbrain - first of all, before I say anything else, hats off to you for wanting to add TOTP everywhere you can. šŸ˜Š

    Unfortunately, the preferred way to do it when it comes to FB specifically is to do it they way they force you to; they have implemented their own TOTP infrastructure which does not make it easy for an external application like 1Password to be able to replace their "communicator" app. Virtually all other applications do not impose this type of restriction on their users' use of TOTP/2FA, but Facebook is the exception here.

  • Lars
    Lars
    1Password Alumni

    @abandonedbrain - let me actually take a step back here. I assumed you were referring to Facebook's business service, Workplace. Because if so, then what I said above is correct. However, if you're just referring to standard consumer Facebook, you should be able to set up TOTP. Can you clarify for me which of these is the case?

  • abandonedbrain
    abandonedbrain
    Community Member

    @Lars Thanks for checking in. Actually, I'm using regular old Facebook for consumers (this is for my Families account, not my Teams account).

  • AGAlumB
    AGAlumB
    1Password Alumni

    @abandonedbrain: Can you tell me where you're running into trouble? I didn't have any issue using the "Code Generator" option in Facebook's security settings to generate a TOTP code with 1Password to setup two-factor authentication in my account...though it appears I can't use that without having insecure SMS enabled. :angry:

  • abandonedbrain
    abandonedbrain
    Community Member

    @brenty I'm not using the FB mobile app (I want nothing to do with that because of privacy), I'm only trying to use the web-based site. From what I understand, Code Generator requires the mobile app. If I'm mistaken, please let me know! :)

  • Lars
    Lars
    1Password Alumni
    edited March 2018

    Ah, OK. So you're using personal Facebook and not the mobile Facebook app. You should be able to set up MFA that will work in desktop 1Password as a TOTP code, then. First, click on the drop-down arrow at the far right of the top blue bar on the Facebook home page. Choose Settings, and from the menu there, click on Security and Login in the left sidebar and you'll see "Use two-factor authentication" about halfway down the page. Click "Edit" to the right of that, and you'll see the menu.

    Click "third-party app" under Code Generator and that should give you a pop-up with a QR code for TOTP. You can use either 1Password on an iOS device to scan the code or the scanner within 1Password for Mac -- here are instructions for both. That should work for you, but let us know if you hit any snags.

  • abandonedbrain
    abandonedbrain
    Community Member

    @Lars That's the bit I was missing! Worked perfectly, thank you very much for the assist. There are sites with support forums I just despise having to visit (hello, Adobe, Extensis...), but it's always great visiting AgileBits' forums because everyone's nice and I've not had a problem finding a solution yet!

  • Lars
    Lars
    1Password Alumni

    @abandonedbrain

    it's always great visiting AgileBits' forums because everyone's nice...

    Awww, thanks -- you made our day. :) We do try pretty hard around here; it's nice to hear it works for people.

    and I've not had a problem finding a solution yet!

    That's the goal -- only now, I'm afraid someday we won't be able to live up to it! šŸ˜‰

    Seriously, though, I'm glad we were able to assist you. It's usually possible to substitute 1Password for whatever other TOTP mechanism they hope you'll use, as long as there's a "code generator" (or whatever they're calling it) feature. If it's SMS only at a given site, that's when you may be out of luck. But it never hurts to ask us; we may be able to get you a solution. Have a great rest of your week! :)

This discussion has been closed.