9 wrong 2-Factor Authentication messages

motees
motees
Community Member

Hi,

1P is giving false messages for 9 website counts I use:

         I have 2FA enabled and works with TeamViewer, Navy Federal Credit Union, ifttt, Facebook, BackBlaze, GoDaddy, Amazon and AmazonUK
         but 1P says “you haven’t enabled it.”

How do I ged rid of these incorrect messages?

OpenDNS:
2-Factor-Authentication only available on their Enterprise accounts, not the Free accounts.
How do I get rid of the incorrect warning for my OpenDNS account?

Thank you, Tom Quackenbush


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:wrong two-factor Authentication message

Comments

  • Ben
    Ben
    edited January 2019

    Hi @motees

    Are you using 1Password to generate the TOTP codes for those websites? 1Password only knows 2FA is enabled if it is what is generating the codes for you. If you're using some other app, such as Authy or Google Authenticator, or a hardware token such as a Yubikey, 1Password has no way of knowing that. Even if you're using another method, I'd recommend storing the TOTP secrets in 1Password in the "one-time password" field on each respective item, if you have those TOTP secrets. You may not, at this point, but for any new accounts you set up TOTP for I'd recommend doing so:

    Use 1Password as an authenticator for sites with two-factor authentication

    Most websites will only show you the TOTP secret once (often in the form of a scannable QR code). In such cases often the only way to see the secret again is to turn off TOTP and then turn it back on, which will generate a new secret. You can input this secret into any number of apps / devices. For example I tend to use both 1Password and a Yubikey to store all of mine.

    To tell 1Password to ignore the fact that it thinks you don't have 2FA enabled you can add a tag to the item called "2FA" -- that'll remove the warning.

    Ben

  • danco
    danco
    Volunteer Moderator

    To tell 1Password to ignore the fact that it thinks you don't have 2FA enabled you can add a tag to the item called "TOTP" -- that'll remove the warning.

    Is that a new or replacement tag? I thought the relevant tag was 2FA.

  • motees
    motees
    Community Member

    Hi Ben,
    Fortunately I was able to figure out how to get 1P to use 2FA for 7 of my 9 accounts I listed above.
    Unfortunately the Navy Federal Credit Union and the OpenDNS websites were unsuccessful.
    Navy Federal Credit Union does not allow 3rd party authentications apps.
    OpenDNS free accounts are not permitted 2FA.
    So, I would like to stop the purple "you haven't enabled it" messages for these 2 accounts. How can I do this?
    Thanks, Tom

  • motees
    motees
    Community Member

    Putting TOTP as a tag did not remove the warning; putting 2FA as a tag did remove the warning; Thanks!
    Now how to get rid of the erroneous Unsecured Website warning for Highpoint-tech.com and Optical4Less.com
    Anyone know how to do this?

  • Lars
    Lars
    1Password Alumni

    @motees - yes, the correct tag is still "2FA" - glad it worked for you. If you have sites you sign into regularly that absolutely do not offer secure sign in over HTTPS (SSL), well, shame on them (not you). At this point in the internet, no site should be using insecure login pages. But if you still need to belong to a few that do, you can add the tag HTTP to any such sites, which will suppress those warnings on an item-by-item basis. Hope that helps! :)

  • motees
    motees
    Community Member

    Agreed!! And thanks for the tag tip.

  • Lars
    Lars
    1Password Alumni

    :) :+1:

  • My apologies for mixing that up. Indeed, the correct tag is "2FA." I'll update my post to reflect that for anyone else who comes across this thread. Sorry!

    Ben

This discussion has been closed.