One time passwords
Hi. Sorry if this has been asked before, but I am finding it strange to store my one time passwords (for 2 factor authentication) within 1Password. Isn't the purpose of the one time password to be stored somewhere else (like an authenticator app) that is separate from the 1Password vault?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@squash - it's a subject of both ongoing discussion and personal preference. The answer is: there really isn't one definitive answer. The term most used in both the tech and "regular" press is "2FA" - Two-Factor Authentication. But "factors" are usually supposed to be separate channels - something you are (biometrics like fingerprints or Face ID, etc), something you know (like a password), and something you have (like a hardware token or similar). Any of these can be genuine second factors. But storing your TOTP codes in the same app where you have your password (within 1Password) is not true 2FA. it's called 2SV (two-step verification), and although it's not as separate (and therefore strong) as genuine 2FA, the real-world differences may be less than you think. Our Chief Defender Against the Dark Arts, jpgoldberg wrote a blog post on this very topic back in January of 2015 when we debuted the TOTP feature in 1Password, and I recommend it still, as a way of understanding the subtle differences. Hope that helps! :)
0