Require Yubikey when Signing into Chrome Extension?
I have Yubikey auth enabled for my account, and when I need to log in to my main account through the 1Password website, it prompts for my key. When signing into the extension however, it does not prompt for it. Is there a way to require the extension to ask for the key?
I've seen older questions about this, but they were from early this year and seemed to suggest this feature in the future.
Thanks
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Welcome to the 1Password Support Forum. :) It isn't possible to configure 1Password to prompt for a Yubikey beyond the initial device authorization process (with the web app being somewhat of an exception*). 2FA serves a different role with 1Password than it does with traditional authentication based services, because 1Password's security is encryption based.
Authentication and encryption in the 1Password security model
The function of 2FA with 1Password membership accounts is to help protect the device authorization process. Once a device is authorized 2FA is no longer required, unless the device is subsequently deauthorized through the web app, or the browser/app's locally cached copy of the secret is cleared. Essentially 2FA helps prevent a replay attack from authorizing a device. It is not designed to help in the case that someone has access to one of your authorized devices. As such 2FA does not prevent you from accessing locally cached data (e.g. while your device is offline). (*) The web app doesn't utilize such a local cache, and so it is a different situation, however this also means that offline access is not possible with the web app.
The information in this thread may help as well:
Two-factor apps — 1Password Forum
Ben
0
