How to choose correct 2FA one-time password when there are multiple per login?
Hello,
first of all: I love using 1Password - great software. Thank you!
I also enjoy the automatic fill-in 2FA functionality.
But recently I created an account on kraken.com where they allow the user to setup three different 2FA one-time passwords for different kind of actions on their website!
Problem
So whenever I need to fill-in one of these 2FA otps, I press CTRL + \
as usual.
But 1Password just fills-in the first of these three 2FAs that are stored in the details for that kraken.com login item.
I can't choose which 2FA otp to fill-in (like with which password to choose when there are multiple logins for one site).
Current workaround
I figured out that I can press CTRL + ALT + \
to bring up the 1Password extension window where I then can right click on my login to copy the correct 2FA otp I need (see screenshot). It works, yes, but this is a bit of a cumberstone.
Possible solution
I would wish to be able to choose which 2FA otp to use, in the same way I'm able to choose which login to use when there is more than one login combination stored in 1Password.
Or am I doing something wrong here?
How can I use 1Password to automatically fill-in the correct 2FA otp or at least prompt me which one to use?
Best regards
winklerrr
1Password Version: 7.6.791
Extension Version: 4.7.5.90
OS Version: Windows 10 2004 19041.746
Sync Type: Not Provided
Comments
-
Hey @winklerrr ,
This is the first time I hear of multiple 2FAs for a single account of a website. I assume that is the case because this is a major exchange website, and multiple 2FAs are meant for companies that require different permissions (e.g. only the CFO can withdraw funds etc).
If you are a regular user, I really do not see the added security since you keep all three 2FA codes in the same place. You are basically making things overly complex without additional security benefits.
In any case, 1Password was designed to only work with a single 2FA field and it will autofill that field automatically when needed. The workaround here would be to create a new login item that only contains the website's URL and one of the three 2FA fields. that way, when you try to autofill, you will be asked which login item you'd like to use - select the correct one that contains the relevant 2FA code.
It's not a perfect workaround but it should work like you want it to, if you decide to stick with your current method of three different 2FA codes.
We'll keep an eye for reports on other websites that ask for more than one 2FA code, but as I mentioned, this is the first one I hear of and this is quite the edge case. :)
0