2-factor-login for 1password without having an account
hey there
first off, i want to say that i‘m very happy with 1password. I‘m so glad that my most sensitive data is well secured in such a convenient way. I‘ve purchased a triple-license for me and my family and i‘m also happy that i‘ve got these when they were available without a subscription. i fear i can‘t afford to have a recurring payment for every single service i use. Now i‘ve discovered that simple licenses are no more sold. will my license be invalid on the next big update? Another concern: I haven‘t set up a 1password-online-account - I don‘t want my sensitive data to travel too much. At the same time, i want all my passwords on all my devices - synching an encrypted container over a cloudservice of my choice seems to be a good balance for me. Now i‘ve tried to activate 2-factor-authentication for my 1password-login - it‘s kind of ridiculous, to turn this on for all my logins but still have a single static password for the 1pass-vault... if i‘m not mistaken, it is not possible to have 2fa without an account for 1password - is that right? Does 2fa within the app come anytime soon? will a custom totp-authenticator work or will you stick to the most commonly used solutions like google authenticator? i don‘t know what you security-professionals say but diversity gives me a better feeling. when i‘m using an odd totp-generator no one uses, i like to think that this is less likely to get hacked.
1Password Version: 7.7
Extension Version: 7.7
OS Version: 10.13.6
Sync Type: icloud
Comments
-
Hi @koille! Welcome to the forum!
While we are not marketing licenses anymore, we still offer them for those who really want them. But even if we weren't selling them anymore, your existing license will continue being valid for the version of 1Password you have already purchased ;)
if i‘m not mistaken, it is not possible to have 2fa without an account for 1password - is that right?
That is correct. My understanding is that this is not possible without a server verifying your 2FA codes on the other side, which is something that you have with a 1Password Membership, but not when the app is just installed on your computer.
0 -
Hey ag_ana
Thank you very much for the explications - that was fast and complete! So hopefully, there will be simple licenses again when 1pwd 8 comes out... 2FA can easily work without a server - for instants with TOTP, a time based one time password. As the name mentions, the two devices need a quite accurate timepiece and they have to exchange a security key beforehand. But i can imagine that, as 2FA is already implemented at a different location, i must be pretty alone with my wish to have it inside the apps. Maybe i have to change my mind about registering...0 -
One thing that is worth noting is that your 1Password data is secured via encryption, not authentication. Therefore, even if you had 2FA in the scenario you are describing, it would have nothing to do with the encryption of the data: your items would still be encrypted with your Master Password ;)
0 -
i didn‘t consider that. Thanks, i‘m reassured that my data is at the right place AND i‘ve got this the way i want it!
0 -
Sounds like a plan. We're here if you have any questions.
0