Only FIDO2 Options for 2fa.

Hi, there :) !
I am trying to set up 2fa for our Org, and as I can see, it is possible to use security keys only after enrolling authenticator app.
Is it possible somehow to get rid of this requirement?
We don't use authenticator apps, and OTP factors are not as phishing-resistant as we need to. That creates a strange user experience when installing the Authenticator app for a single service. In addition, user very likely replaces their phones and lose 2fa accounts and forget to tell the IT team about it then do it with their main Yubikey.
So does the 1Password team has a feature request to replace the authenticator app+yubikey with just 2 Yubikeys?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hi @thirteenth 👋🏻

    It is on the wish list. At present not all of our client apps support FIDO2, and so by allowing a FIDO2-only option and dropping TOTP entirely we'd be locking those clients out. We're hopeful we'll be able to support FIDO2 everywhere in the future and then this will be a more feasible option we could offer.

    Ben

  • thirteenth
    thirteenth
    Community Member

    Thank you, Ben!
    Could you please share a list of apps that do not support FIDO2?
    And my manager will ask me about this, so I need to ask you. Do you have any ETA for this feature?
    Can I upvote it somehow (through our success manager or something)?

This discussion has been closed.