Sendgrid requires Authy for 2fa, can I use 1password instead?

I think the subject pretty much says it all. I got an email from sendgrid today saying I have to enable 2fa by december. When I read the instructions, they either support Authy (never heard of it before this), or SMS. I would prefer to use 1password for convenience since I log into sendgrid a lot and I already have a really secure password.

I can find articles that tell me how to use authy as the 2fa for my 1password account password, but nothing on how to use 1password instead of authy for a site.

Thx


1Password Version: 7.6.785
Extension Version: Not Provided
OS Version: Win 10
Sync Type: 1password family

Comments

  • ag_yaronag_yaron

    Team Member
    edited October 14

    Hey @gveres ,

    One-time codes are a standard security measure with open sourced code, so there are a lot of apps out there that can function as your authenticator app. One of them is Authy. The most known and common one is Google's Authenticator.

    1Password itself can function as your authenticator app, so no need for Authy or Google's Authenticator though, which makes things so much easier. Here's how to add 2FA of a website in 1Password: https://support.1password.com/one-time-passwords/#to-save-your-qr-code-in-the-apps

  • Hi @ag_yaron

    I am aware and use 1password for 2fa with a bunch of sites. But Sendgrid doesn't seem to provide a qr code. So I am not sure how to configure 1password to be the replacement for authy.

  • ag_yaronag_yaron

    Team Member

    @gveres ,

    QR code is one way to add the 2FA secret to your authenticator app (in this case - 1Password). The other way is to manually copy the secret, which is usually a long random string of characters, create a new one-time passcode field in your 1Password app and paste the secret there. Here's how:

    1. Enable 2FA in your account on the website. Most websites will give you a QR code to add to your authenticator, but this website will probably show you a secret that you need to add to your authenticator. Copy that secret.
    2. Open your 1Password app and select the login entry of this website, then click on "Edit" to enter edit mode.
    3. Under the username, password and website URL fields you'll see some empty fields you can fill manually. Select one of the empty fields, click the plus icon on the right of it and change the field's type from "Text" to "One-time passcode".
    4. Paste the secret into the empty field and click on "Save" to save the changes. 1Password will start generating 2FA codes for you immediately.
  • Ok, unfortunately SendGrid must be doing a very tight, non-standard integration with Authy. What they provided was not a secret, it was a 5 digit pin and a phone number(my configured phone number). It doesn't look like they provided a secret to me at any point.
    I assume at this point I am stuck with the clunky workflow of starting up Authy to get the code.

  • ag_yaronag_yaron

    Team Member

    Hey @gveres ,
    I tried signing up for a free account there to test it but wasn't successful without contacting their support to confirm my test account.

    Any chance you can provide a screenshot of what the 2FA setup page looks like? You can censor out any personal info in the screenshot, or you can send it to me via email if you prefer (to [email protected], just add a link to this forum discussion in the email's body).

  • ag_michaelcag_michaelc

    Team Member

    Hey @gveres. I wanted to circle back on this one. There is the occasional site where they've chosen not to use the standard time-based one-time password algorithm and instead opt for the proprietary Authy. SendGrid is one of those, so you won't be able to use 1Password for your two-factor authentication currently. We have an open feature request for looking into extracting Authy secrets for use in 1Password, but I can't offer any guarantee when or if we'll be able to look into this or if it's even a possibility — but I'll let the team know you've run into this and would like to see it.

    In the meantime, you'll have to use Authy, and if you feel so inclined, I'd suggest reaching out to SendGrid and expressing your desire for a standard TOTP implementation. :smile:

    ref: dev/projects/customer-feature-requests#377

  • Thanks @ag_michaelc yea, it definitely looks like a proprietary approach. Even their TOTP is only 6 digits instead of 9.
    I will submit a request to SendGrid.

  • ag_michaelcag_michaelc

    Team Member

    You're very welcome. Happy to clear things up. Cheers!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file