Allow the authenticator app to be removed without disabling 2FA when security keys are in uses

Jason_G
Jason_G
Community Member

I was setting up a new phone but flubbed the authenticator transfer so I had to redo all my authenticator logins, but when I got to 1password in order to get my authenticator app QR code, I was forced to completely disable 2FA to set it back up, deleting not only the authenticator app but both my primary and backup security keys, then had to not only reconfigure the app but both keys again as well. There should be an option to either reset the authenticator app or remove and re-add if other 2FA methods are available


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Jason_G: Thanks for getting in touch! Can you clarify?

    Allow the authenticator app to be removed without disabling 2FA when security keys are in uses

    Removed from what? If you mean "removed from the 1Password account", that's just another way of saying "disabling 2FA" for the account.

  • Jason_G
    Jason_G
    Community Member
    edited September 2019


    If you have security keys, yubikey and such, attached to your account you can still have 2FA without the authenticator app, I shouldn't have to re-add security keys just to redo the authenticator.

  • Hi @Jason_G,

    We don't allow removing the authenticator app currently as not all of the 1Password apps support security keys, so you'd be locked out from many of your devices. Hopefully in the future we're able to expand support across all apps and allow removing the authenticator app, though no news to share on that right now.

    If that doesn't end up happening, I can see how allowing you to reset the authenticator app could be helpful. I'll make note of that suggestion for future consideration.

    Thanks for the feedback!

  • Rasterized
    Rasterized
    Community Member
    edited November 2019

    Hi @Jasper,

    Just wanted to put in a vote for the above request. I moved to security keys across all my most important apps, including 1password, because they're inherently more secure than app-based 2FA. Requiring me to keep the app option active feels a bit like it defeats the purpose.

    I understand you don't want folks getting locked out of some devices, but your support for security keys continues to improve, and my bet is that the folks who use security keys on your platform are savvier than average. If we're given the option and warned sufficiently of the possible repercussions, we'll make the right decision for us.

    My two cents.

  • This is something we can reconsider once 1Password for Mac, 1Password for Windows, and 1Password for Android support U2F.

    Ben

  • Rasterized
    Rasterized
    Community Member

    Understood, thanks for your response. Have you released a public timeline for those updates?

  • Understood, thanks for your response

    You're very welcome. :)

    Have you released a public timeline for those updates?

    As a policy, we don't do public timelines.

    Ben

  • longislandsound
    longislandsound
    Community Member

    Another vote for this. I want my 1Password, everywhere, to be locked down only to U2F keys.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for your feedback too @longislandsound :+1: :)

This discussion has been closed.