Lost Phone with Authenticator App, can't login to 1Password
Just lost phone and I wanted to turn off usage to other locations for safety but the authenticator app is on that lost phone and I'm locked out.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: IPhone 12
Sync Type: Not Provided
Comments
-
What authenticator app did you use? Anything that syncs like Authy?
0 -
Google Authenticator. It doesn't sync from what I can see
0 -
@d0nkeyBOB Hmm have you by chance written down the inital 2FA secret? Did you try the hints on this page? https://support.1password.com/two-factor-authentication/#if-you-lose-access-to-your-authenticator-app
0 -
I got it turned off. Other browsers weren't allowing me to log in to the main site to turn off 2FA, but my work one did. Done and done
0 -
Great that you can login again :) I would recommend using Authy or anything that syncs for the 2FA.
0 -
Thanks for the update @d0nkeyBOB, and for the assistance here @Manaburner. Glad to hear you were able to get this sorted. As Manaburner alluded to above I'd highly recommend recording the TOTP secret on your Emergency Kit and/or printing the QR code if you decide to turn it back on. :+1:
If there is anything else we can do, please don't hesitate to contact us.
Ben
0 -
@Ben Glad that I could help
0 -
:) :+1:
0 -
Yeah. There was a time when 1Password was strongly against 2FA since it wasn't 2FE and a good password was just as good if not better because of the nature of the data and the application's purpose. I will tell you this is one of the reasons I do not use 2FA on 1 Password. Lose access to the authenticator and your goose is cooked. Maybe just provide a stronger master password? If a nicely decked out GPU-rig can't crack it, what's the 2FA for? (via the web would be soooooo much slower). If they are close enough to get my password, then they can take my database and crack it without the 2FA anyway since their decryption tools won't need it. Flip side, corp. sec departments are notorious for requiring it since they (rightly, unfortunately) are aware of the ability of people to come up with simple passwords that meet the requirements.... just suggesting an alternative. All my 2FA secrets that I do use for things like gmail or microsoft I keep in 1Password!
0 -
Flip side, corp. sec departments are notorious for requiring it...
Indeed, this was one of the main reasons 1Password accounts now have 2FA options, but every one of the arguments you gave earlier in your reply are also quite true: there is indeed a risk of losing access to the external authentication app/device, and although 2FA can provide additional security in some cases, those cases are more narrow and limited than many people imagine: 2FA on a 1password.com account will not matter to anyone in possession of your data (whether from stealing it from you via grabbing a physical device or otherwise). In the last analysis, a good, strong Master Password is the best and last line of defense, just as it has always been.
0
