2FA exception - Xfinity

jadchaar
jadchaar
Community Member
edited February 2019 in Mac

Hi guys,

I noticed a banner on my Xfinity login saying that 2FA is available for it, but it is only available with the proprietary Xfinity mobile application or via SMS. Xfinity does not seem to support standard TOTP (for use in 1P) so the banner should probably be removed for anything with the xfinity.com domain.

Source: https://www.xfinity.com/support/articles/enroll-2-step-verification

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Lars
    Lars
    1Password Alumni
    edited May 2019

    Hey @jadchaar! Long time, no see. :) Thanks for the heads-up. I agree, if they're restricting things to a proprietary app, it shouldn't be in our list. I'll notify Roo & crew. 👍

    ref: web/watchtower.1password.com#2

  • crispybishop
    crispybishop
    Community Member

    +1 for this request.

  • Lars
    Lars
    1Password Alumni

    :) :+1:

  • crispybishop
    crispybishop
    Community Member

    Don't mean to re-open this, but the same situation just popped up for eBay. eBay uses its own app for authentication, not a one-time code. See here: LINK. Can you note an exception for this?

  • Ben
    Ben
    edited May 2019

    Thanks @crispybishop. I'll see what I can do to make that happen. :+1:

    Ben

    ref: web/watchtower.1password.com#8

  • Unknown
    Unknown
    edited June 2019
    This content has been removed.
  • prime
    prime
    Community Member

    I really hate how these companies do their own stuff here. Way to make it harder on us

  • ag_ana
    ag_ana
    1Password Alumni

    @jimthing:

    I notice the "Two-Factor Authentication Available" banner has two buttons: "Don't Save In 1Password" & "Scan QR Code".

    >

    The question then is, what is this trying to tell users, exactly?

    This is an option that we offer so that a user is not prompted to enable 2FA for an account where 2FA is already enabled. It doesn't mean that we know (or don't know) if a website supports TOTP or not, it's mostly to leave the choice to the user on what authenticator app to use. I suppose some users might like to use 1Password as the authenticator app in certain cases, but maybe prefer to use a separate authenticator app for certain logins.

    But the issue then is that under the 2FA tag, we as users will have two different ideas being done there: websites that have their own non-TOTP method (like Ebay's in-app one) and websites that wrongly triggered the "Two-Factor Authentication Available" banner. How is this best handled?

    Do you have an example of a website that wrongly triggers the "Two-Factor Authentication Available" banner?

    Additionally, does that still mean users will have to still periodically manually check sites to see if they happen to offer the (arguably better? or perhaps just more convenient, being centrally located inside 1P?) TOTP method as a new option, sometime in future?

    I believe so, yes. 1Password checks a known list of websites that offer 2FA (we user TwoFactorAuth.org for that), but it only checks if the functionality exists, not all the methods offered by a service. Although it would be nice if there was a way to do this automatically!

  • ag_ana
    ag_ana
    1Password Alumni

    @prime: It would be certainly convenient to have everything in one place :+1:

  • Unknown
    Unknown
    edited June 2019
    This content has been removed.
  • ag_ana
    ag_ana
    1Password Alumni

    @jimthing: Thank you for the example! Even though it's not the cleanest approach, I would personally add the "2fa" tag to your ZenDesk item too, so at least I would not see the banner if it's not applicable to you. I would also add a line to the Notes section of the item explaining this to myself, for future reference.

This discussion has been closed.