2FA watchtower false positive

tmakaro
tmakaro
Community Member
edited July 2020 in 1Password 7 for Windows

I have a login to apps.rackspace.com which watchtower flags as "Two Factor Authentication Available". The problem is that it's wrong (well sort of). Rackspace has true two factor authentication for admin accounts. However, I, as a lowly user account, only get the option to add a phone as a recovery mechanism. This is effectively just a different single factor authentication (which I did not set up do to the risk of a sim-swap attack). Rackspace does not have 2FA for user accounts (and no option for an admin to set it up for everyone either). Yes, I could tag it was "2FA" but I like this tag only for things that are in my authenticator app. Also, nested tags like "2FA/app" do not get removed from watchtower unless they are also tagged with 2FA.

Also, is there anywhere in particular that I can send you guys websites that support 2FA so that watchtower can flag them for people? How often do you update this?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @tmakaro!

    Also, is there anywhere in particular that I can send you guys websites that support 2FA so that watchtower can flag them for people? How often do you update this?

    We get that list from twofactorauth.org, so if you have any changes to suggest, I recommend sending it to them. 1Password then will update when that list changes ;)

    Which is also why I think you are seeing this on the rackspace website: if twofactorauth.org shows that rackspace supports 2FA, 1Password will show you the prompt because it has no way of knowing if your account is an admin account or not. The only way to suppress the warning, as you said, is to use the 2FA tag.

This discussion has been closed.