U2F support for Yubikey [under consideration for memberships; not applicable to standalone vaults]

Hi @laugher,

It is a good observation that TOTP schemes can be phished. But it is worth noting that except in the case of using the 1Password web client, 1Password can't be phished. As @brenty pointed out, our use of SRP means that our authentication process provides mutual authentication and transmits no secrets. In this respect it is like U2F.

I recently gave a presentation (paper and slides) at the Workshop on Authentication on some issues around 2FA (or on what is presented as 2FA). Only a small part of what is in the paper and talk is specific to 2FA in 1Password, I do think that it is a good place to start when talking about what sorts of security 2FA provides in various circumstances.

The paper and talk do mention that introducing 2FA can have negative side-effects for security in some circumstances (circumstances that I believe apply to 1Password). And so those need to be carefully weighed against the (small) security gain we would get from using something like Yubikey or other U2F hardware dongle.

Given that (except for logging in in a web browser), we're solidly preventing phishing. So are the real security gains of using U2F worth the risks? This remains an open question, and we are exploring ways in which we could make positive use of the sorts of things you are suggesting without doing harm.

Can I reconfirm where the secret key is being stored please? Is it on the local device storage?

Yep. It is stored locally. The Secret Key is not designed to protect you if data is stolen from your machine. It is designed to protect you if data is stolen from our machines. Although we make use of secure storage provided by the operating system for this, you should assume that if someone obtains your 1Password data from your own machine then they get the Secret Key with it. Again, the role of the Secret Key is to protect you if we get breached.

If data is stolen from your machines, then assume that the attacker gets the Secret Key along with the encrypted data, and so their attack will be on trying to crack your Master Password. They will do this as an off-line attack on their own equipment, and so no authentication factor will matter for them. They will not be going through our servers or through the 1Password application, but will be directly attacking their copy of your encrypted data.

@Bassebus: You can use Yubikey like that with a 1Password.com account already:

Use your YubiKey to sign in to your 1Password account

The difference being there isn't a way to do that before you sign in using your Master Password and Secret Key, since there's no authentication happening before that: you're interacting with 1Password solely on your device locally. Otherwise you'd always need to be connected to the internet to even touch 1Password, if you had to authenticate with a one-time password first, which would need to be verified with the server.

Thanks for letting us know that's something you'd like. However, to reiterate, in that scenario, that wouldn't offer a security benefit since the attacker already has access to your laptop. You'd still be relying on 1Password's encryption, not authentication, to secure the data...unless you mean that you want 1Password to keep no local data at all and then require authentication with the server each session and download it on demand, erasing it when it's done. You'd still not be much better off in that case, since anyone with access to the machine could save a copy of anything downloaded to attack offline later, but fortunately 1Password is designed to withstand such attacks anyway. If 1Password would simply "refuse to open", that would really only be security theater.

Welcome to the forum, @mertzjame! Thanks for weighing in. We've not got anything to announce with regard to U2F at present, but keep an eye on our blog as well as release notes for 1Password to see the latest additions/features. :)

Welcome to the forum, @Azes! Thanks for weighing in on this. We're looking at ways we can add support for U2F in a meaningful way to 1Password, but the key here again is "meaningful," as opposed to "security theater." Authentication and encryption are two different things despite being sort of from the same field (security). If someone is able to access data on one of your devices (perhaps through social engineering, or taking the device itself), they won't bother going through any authentication mechanisms in place, they'll simply extract the SQLite data file, and run password-cracking attempts directly on it. This requires strong encryption, but renders authentication irrelevant. Here's a little more on our thinking about what's effective (and what's not so much).

@tallackn: We're not a subsidiary of Microsoft, and we have a commitment to other platforms, not just Windows. And I'm not sure that Microsoft controls what other platform owners and software vendors do either. Our "roadmap" is also not public, as it's subject to change. (Incidentally, if it were set in stone, some news article would not be relevant anyway.) If and when we have something to announce in this area, we'll update this thread. If your situation is such that us not supporting Fido today is holding you back, and there's another tool out there that better fits your needs, there's nothing wrong with using it. We'll continue to evaluate this and many other things to determine what we work on based on what will make the biggest difference for the greatest number of 1Password users, but we're not here to sell you on hypotheticals, but rather the features and benefits 1Password offers today.