Feature Request: Cascade Login Record for 2FA

dlaplexurenet
dlaplexurenet
Community Member
in Lounge

Hi,
Personally I have the following situation:
I have an Active Directory account and on top of that, different applications use different 2FA step-ups (two different TOTPs).
If I duplicate the full login record, I would have to manage both if I change the AD password and 1P would tell me that I have a reused password.
It would be great to have one shared master login (AD) with the username/password and 2 other ones, linked to the master for both applications with different TOTP.
Anyone else in such a situation or similar where this could help?
David

Comments

  • dlaplexurenet
    dlaplexurenet
    Community Member

    I just thought, a more global solution could be linked fields. Instead of putting a text field, you could add a new field type call reference and then pick a field from another record.
    In that case you could even use it for other purposes (eg have an Identity record with your first and last name, and/your email and reuse the same information everywhere - if you change the identity, all other records are updated as well).

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @dlaplexurenet!

    Have you considered adding both TOTPs in the same 1Password Login item? You can add as many custom fields as you wish in a Login item, including one or more TOTPs if you prefer:

    Customize your 1Password items

  • dlaplexurenet
    dlaplexurenet
    Community Member

    Hi @ag_ana . That's not really an option and here is what I didn't like:

    • According to the URLs defined on an item, it will suggest the wrong OTP depending on the page you visit (right now it's prefilling the OTP nicely in Safari)
    • In case you toggle between browser and 1Password, 1Password has the nice feature to copy OTP automatically, once you copied password - it will not be possible to do so, as it doesn't know which TOTP to use
    • If you have the item set as a favorite, only 1 TOTP can be shown in the UI
    • If you have the item set for Apple Watch, only 1 TOTP can be shown

    Basically, I've been there with your suggestion, but unfortunately too many draw backs.

  • ag_ana
    ag_ana
    1Password Alumni

    Understood, sorry to hear that @dlaplexurenet. In this case, the next best solution would be to have two separate Login items, with the drawbacks you mentioned in your original post.

This discussion has been closed.