Using 1Password in place of a physical security token? Possible?
I am a client of Morgan Stanley, and they have a bank called Morgan Stanley Bank, a third-party contractor. The Bank is notoriously bad, Morgan Stanley should fire them and get a better bank. The Brokerage side of their business is outstanding.
I am trying to understand if there is any way to use the 1Password Authenticator process to log into Morgan Stanley.
They are still using physical USB keys or hand carried tokens. 15 year old technology. So attached it their flyer . . .
Would 1Password emulate any of these authenticators on the flyer?
1Password Version: 1Password 7 Version 7.8.1 (70801003)
Extension Version: 4.7.5.90
OS Version: OSX 10.15.7
Sync Type: 1Passwsord
Comments
-
@FogCityNative These are not the same technology as the hand carried tokens of 15 years ago. The old technology can be emulated by 1Password because it is basically just a hardware implementation of a TOTP authenticator app which holds a single TOTP secret. I'm not familiar with all the security keys listed and the protocols they support, but based on the ones I do know and the total number of options, I guess Morgan Stanley Bank is using the U2F or FIDO2 protocols. These offer the most secure 2FA available, they provide strong protection against phishing and, as far as I know, cannot be emulated by password managers.
0 -
Indeed, if they don't offer a standard 2FA TOTP option and require a hardware key, there's no way for us to emulate that.
0