To protect your privacy: email us with billing or account questions instead of posting here.

Hide one time passwords from users

JimmyJetset
JimmyJetset
Community Member

Is it possible to implement a toggle to hide one-time passwords from users, in the same way we can toggle 'reveal passwords' on and off? We are trying to tighten up security in some situations, so would find it helpful if they could attempt to log in, but would then need to contact a supervisor for the one-time password.

I don't really mind about obscuring the passwords from them, but the 'reveal passwords' toggle still shows the OTP codes. Could we please have a toggle to hide this too?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @JimmyJetset, thank you for the suggestion. I can definitely see how this could be useful.

    Usually when you want to hide the password, I would imagine you'd also want to hide the one time password (OTP) as well, right? Would you see this as two separate toggles - one to hide just the password and the other to hide just the OTP? Or just a single toggle to hide or reveal both at the same time?

    Also, note that when the Reveal Passwords toggle is disabled, your team members can still fill the password in and use it to sign in, they just can't see the password within 1Password. If we were to implement something like this for OTPs, it sounds like you'd like it so they couldn't even use the OTP let alone see it. This would then work a little different to how Reveal Passwords toggle works.

    While I can't make any promises on when or even if something like this will ever be implemented, we appreciate hearing your feedback and knowing what you'd like to see.

  • JimmyJetset
    JimmyJetset
    Community Member

    Hi Meek, I think a toggle for each would be useful. One such use case is with our Twitter accounts. I'd want to be able to allow them to reveal passwords so they could enter all those details into mobile devices, but then they couldn't finish logging in until they'd requested a 2FA code from a supervisor. If the passwords were also hidden, we'd have to first send them the password insecurely and then the code as well.

    Hope that makes sense. Basically, hide the OTP option for those users but still make it visible to admins. Only way we can get around it at the moment is by having duplicate logins, one for admins and one for regular users. Or using the separate authenticator apps, but that loses the convenience of 1Password.

    Thanks

  • AGAlumB
    AGAlumB
    1Password Alumni

    Likewise, thanks for bringing this up! I'm not sure I would have ever thought of that myself, but it's an interesting idea. Cheers! :)

This discussion has been closed.