1password 2fa Authenticator

Besides using long, random passwords (and using a password manager to help you remember those passwords), one of the best ways to secure your account is Two Factor Authentication (2FA).

Beyond the above, as two-factor auth has taken off 1password has been a godsend in collocating those rotating 2fa codes alongside passwords and automagically pasting them to the clipboard as needed. No dedicated authenticator app required. (And many thanks to Adam for turning me onto this feature a year or so ago!)

The Microsoft Authenticator app is also available on both Apple App Store and Google Play Store and uses the same standard as Google Authenticator. Authy, the third most popular 2FA app, is also available for both iOS and Android smartphones. In 1Password password manager, 2FA support is built into the app on all platforms.

Step 1: Tag each 2FA account in 1Password. The most important step is to make sure that you know all of the accounts which are currently connected to your existing 2FA app (Authy, Google Authenticator, etc). If you miss any, you will have to rely on those Emergency Recovery Codes or risk losing access to your account entirely.

The most important thing you can do to increase your online security, alongside using a password manager, is to enable two-factor authentication. After interviewing three experts and testing seven.

Two factor authentication uses something you know (like a password) and something you uniquely have (like your iPhone). In most cases, when you use 2FA, after you log in, the site will send a six digit code to your cellphone. This code must be entered into the site before you can completely log into your account. Apple makes this easy by looking for these codes in Messages, and letting you quickly paste them into the field.

There are two problems with this. The first is that it assumes your cellphone number is uniquely yours and no one else will ever have it. Hackers have been known to trick cellphone carriers into moving your phone number to a device they control. Suddenly, they can use your phone number to take over various accounts.

The second is that it makes accounts hard to share. My bank uses 2FA, but my wife and I have to share the same account. When she logs in, she has to text me to get the 2FA code that’s sent to my phone.

There’s another, more secure way of using 2FA: a time based algorithm generates the 2FA code. In the old days, you would have a physical 2FA key that would display a new six digit code every 60 seconds. The algorithm used in this device was also used in the server. Thus, both you and the server knew the code. You would have the password (something you knew) and the physical key (something you have).

These physical keys are still around, but programs like Google Authenticator can now emulate these physical devices. If you download Google Authenticator, you can use 2FA without relying on SMS text messages.

I’ve been using 1Password almost since it came out. A few revisions ago, 1Password got the capability to be a 2FA key generator. One of the things I now notice is that 1Password warns me if a site uses 2FA, and I don’t have it set up. Sort of pushing me. It also has a type of field called One Use Password that I found out is for 2FA.

However, I didn’t use 1Password or app based 2FA because I worried it would be too complex, and I might end up locking myself out of my accounts. After all, Apple’s use of copying and pasting the SMS 2FA codes made using SMS based 2FA simple. I also worried I might lock myself out of my account if my 2FA didn’t work. Besides, these sites tell me I can use Google Authenticator. Can I use 1Password too?

It turns out that the algorithm to generate the 2FA time based codes is open source. You can use hundreds of authenticator apps. Plus, there was my bank account where my wife has to text me whenever she logs in.

I decided to try 1Password with its built in 2FA, and found an account that uses 2FA (according to 1Password), but isn’t that important.

I went into Security Settings and selected to enable 2FA. Immediately, I ran into an issue: I was supposed to scan in the barcode. How do I scan a barcode that is displayed on my iPhone with my iPhone? Do I need to do setups via my Mac, and then scan them into my iPhone?

Fear not! Below the QR Code was a link labeled “Can’t scan the barcode”. Clicking there gave me a URL to paste into 1Password. I created a One-Time Password field, and pasted it in. Saving the entry in 1Password gave me a six digit countdown code that changed every 30 seconds.

The site asked me for this code, so it verified that it worked before setting 2FA on my account. I entered this code and my 2FA was set up. It was fairly simple. The most complex part of the process was determining where 2FA is set.

Using time based 2FA couldn’t be easier. When I am using Safari, 1Password automatically pastes the 2FA code into the correct field. 1Password also copies the 2FA code into the clipboard in case it wasn’t automatically pasted into the field. And if all else fails, it’s not hard to bring up 1Password in the share sheet, and copy the 2FA code.

My only regret is that I didn’t do this earlier. Using 1Password with time based 2FA codes is easy to do and simple to implement. It adds extra security to your accounts without a lot of additional hassle. The hardest part of the process was trying to find the setting to set up 2FA for a particular site in the first place.

It’s actually even easier on the Mac. 1Password brings up a scanning screen for those QR Codes. When you create a One-Time Password field, a translucent window comes up, you place it over the QR Code, and 1Password automatically pastes it in for you.

If you’re not using 2FA, go to 1Password and look for all entries with a 2FA tag and set them up. This is especially true if this is a financial site.