Two factor authentication experience is terrible
Using the web page, I setup two factor authentication on my account with the Microsoft Authenticator app.
Attempting to use the iOS app a few minutes later, it prompted for a two factor code, and rejected the one from MS Authenticator (which I use regularly with Microsoft accounts).
After a couple of tries I gave up and selected Not Now, it prompted me with another Not Now, then in a second popped up a two factor request for a second time, and I had to hit Not Now twice again. So after four times clicking Not Now, it let me in the app.
I prompted logged into the web site which didn't need the 2FA Code and turned off 2FA.
There is no reason for the 1Password iOS app with FaceID to use 2FA - at the very least, it should be possible to turn it off.
There is no reason for the app to require four clicks to confirm Not Now.
There is no reason the app should reject the 2FA code minutes after being setup.
Not impressed. Microsoft has the best 2FA experience, where I don't even enter a code, I click Approve on my Watch and am done.
1Password Version: 7.7
Extension Version: Not Provided
OS Version: iOS 14.2
Sync Type: 1Password Account
Referrer: forum-search:two factor authentication
Comments
-
Hi @NetMage
There is little incentive to use 2FA (TOTP) with 1Password. It does add a level of protection to the device authorization process, but beyond that it isn't utilized. Especially if you're struggling with it, unless there is some organizational requirement that you use it, I would turn it off entirely. Encryption always has been and will continue to be the thing that is ultimately protecting your 1Password data.
That said, we appreciate the feedback about the workflow. There is a bug that happens when you switch away from the 1Password for iOS app that prevents codes from being accepted. The workaround for this would be to get the code from your authenticator app prior to launching 1Password for iOS.
I hope that helps!
Ben
0