Isn't it time for 1Password Support Forum to add 2FA support?!?

melvynadam
melvynadam
Community Member

An increasing number of forums are adding support for 2FA and it's still not here - my trusted password protector!
Time for this forum to get as secure as the security product you're supporting.


1Password Version: n/a
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_ana
    ag_ana
    1Password Alumni
    edited December 2019

    Hi @melvynadam!

    Thank you for your feedback :) The last time I checked, Vanilla were still considering adding this feature. As you can see, the discussion is quite old now, so I am not sure if there have been any updates on that front. My Google search didn't return any useful information unfortunately :(

  • AGAlumB
    AGAlumB
    1Password Alumni

    I don't believe that it's appropriate or necessary here, since there is no personal information and it's completely separate from anyone's use of 1Password. But I haven't seen it brought up before either, so it's interesting. What benefit do you anticipate two-factor authentication would offer to users of the 1Password support forum? :)

  • melvynadam
    melvynadam
    Community Member

    I'm not sure that the assertion that there's no personal info here is completely valid. People discuss specific sites that they use, and their security concerns/requests for accessing those sites. With a rogue access to my 1password support forum account, a threat actor might learn what my banking site is, how I manage my 1password vaults, other sites I use, whether I migrated from a different (less secure) password management tool (and perhaps left footprints on their cloud), etc.

    In short, users might have posted questions that reveal preferences for all kinds of security matters and that material should be secured by you, the site owners. Wherever security discussions are taking place, it makes sense to add 2FA.

  • XIII
    XIII
    Community Member

    @melvynadam This a public forum, so those bad actors just need to create an(y) account to read everything that is posted here.

  • melvynadam
    melvynadam
    Community Member

    An excellent point!

  • ag_ana
    ag_ana
    1Password Alumni

    It should also be said that we regularly make sure that no personal information is posted on the forum and if it is, we correct such posts as soon as possible, by removing any personal information. You always have to be careful and aware of what and how much you share online, but since 1Password data is completely separate from the forum, something happening to the forum would have no repercussions to the 1Password data itself.

This discussion has been closed.