Importing 2FA from Google Authenticator
Hi!
This is a feature request for something I've come across recently.
Google's Authenticator app allows users to export and import their 2fa keys. It provides a QR code that is to be scanned by the same app on another device. The issue is, the string in this key isn't the standard "otpauth://totp/..." format, but rather a proprietary base64-encoded protobuf payload. It's still possible to decode this for importing it to 1Password, example "rev-engineered" implementation can be found in this repo: https://github.com/scito/extract_otp_secret_keys
Would it be possible to support this natively within 1Password in the future, so that we don't have to rely on a third party tool to migrate accounts to 1P?
All the best,
Matyas
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Comments
-
Hey @matyasrichter:
Thanks for your feedback here! While I can't promise anything I can definitely see how it would be handy to import all of your one-time passwords from Google Authenticator. I've added your input to a feature request we have on the topic. Be sure to get in touch if you need anything in the future!
Jack
ref: dev/projects/customer-feature-requests#932
0 -
@ag_timothy , any updates on this feature? ;)
0 -
I'm still on the migration path and such small details make it very painful. This makes me think: When the migration is already so painful what else is implemented poorly.
The decoded string of the tool mentioned by @tycoooon is also not detected by 1password. When I paste the secret of the URL it works smoothly.
Off topic: I already found out that there is no support for Flutter Apps on Android. You cannot switch the type of imported Passwords. You cannot import the creation date of an imported password. Hmmm...
0 -
Thank you for the feedback. I've added your vote in favour of a feature to import 2FA QR codes from Google Authenticator to our internal tracking item for the feature request.
I'm sorry that you've had a rocky migration. I see that you've created a separate dedicated thread regarding Flutter apps and some other points and one of my colleagues from the Android side of things will reply there. 🙂
-Dave
0 -
Please this is a must!
Thank you!
1 -
Please add this feature! Would love to have 1Password be my one stop shop for all my password needs.
1 -
Please add this feature!
1 -
Super important, migrating from Google Auth requires me to redo all 2FAs every time! This is a must.
Any updates?
0 -
Hey @julianzpe
Could you please elaborate on what you mean by 'every time'? Are you storing all of your OTPs in both 1Password and Google Authenticator, or performing this migration from Google Authenticator to 1Password more than once? If the former: when presented with an OTP setup code, you can scan that same code with both 1Password and Google Authenticator to add it to both. That may help speed up the process.
I'm not aware of any immediate plans for a migration tool from Google Authenticator to 1Password, but I will continue to share the feedback here with our product team for evaluation. Thank you for the comments!
Ben
0 -
@Ben, my apologies, looks like I was really lazy when writing my message.
Let me rephrase my comment:
When migrating to 1Password from Google Authenticator, I cannot do so in-bulk but rather need to recreate each 2FA (on its origin app). I have over 50 of them in Google Auth, so this is not an option for me. Would be ideal to have the ability to migrate them all to 1Pass.
By 'every time' I meant that I need to recreate a 2FA for every item stored. Not the right word choice. Hope this clarifies now!
0 -
I see; thank you for clarifying!
Ben
0 -
I haven't even started to be able to do migration yet, but this would be helpful.
As an aside recently whenever I make a new Google Authenticator I take a screen dump of the QR code and store it in a VeraCrypt vault so I can add it to another device. Although last week I was very pleased to lean that I was able to easily export/import everything to a new Pixel (fortunately the old Pixel was still working).
0 -
Thank you for the feedback and for sharing your personal workflow when it comes to one-time passwords! 🙂
-Dave
0 -
As mentioned back in October with that tool is it possible to import the 2FA seeds without recreating it, but that is still a manual process.
0 -
Just started migrating to 1pass, and this is a pretty big inconvenience. The most painful part is removing the records from the Google Authenticator app after I've manually recreated the 2FA in 1Pass (to prevent using the wrong app). Because GA doesn't sort entries alphabetically on their edit screen. Been using this app for way too long, so I have too many entries.
I would LOVE a bulk 2FA import option.
1 -
Thank you for the feedback, I've passed it along to the product team. 🙂
-Dave
ref: PB-31043084
0 -
It would be great if 1Password supported the "transfer account" export format Authenticator provides to export the TOTP keys. (See more here https://support.google.com/accounts/answer/1066447 --> "Transfer Google Authenticator codes to new phone")
I've been following this issue where they've posted the links to how the reverse engineered the "otpauth-migration://offline?data=" protocol. https://github.com/google/google-authenticator-android/issues/118 and they show that apps like Aegis Authenticator to being able to decode it.
There's a community Go implementation that decodes it https://github.com/dim13/otpauth and a NodeJS one here https://github.com/krissrex/google-authenticator-exporter. I've been able to decode mine this way, but it's a one-by-one situation which is time consuming.
It would be nice if 1password supported converting "otpauth-migration://offline" format as it's not trivial for a non-dev to do so, although I understand the software maintenance burden of this so I'd be ok if it's an experimental importer.
1 -
0
-
1Password can do 2FA codes? I have not seen that feature anywhere. Where is it hidden?
0 -
Use 1Password as an authenticator for sites with two-factor authentication Give this link a look. If you have any questions let us know.
0 -
Just started my 14 days testphase yesterday and i got really angry that it has been over a year and still no implementation from GA to 1P???
And something like that costs 36$ per year?
1 -
I too would like to see this implemented
1 -
For myself I use 1Password as @ag_tommy suggested. One of my favorite all tie features of 1Password. Also, your TOTP seeds are automatically backed up along with your vault. I know this isn't 'true 2FA' but it is the most convenient for me.
0 -
Hi. New user transferred from LastPass. I have all my 2FA codes stored in Authy (similar to Google Authenticator). Haven't been able to work out out how to transfer these to 1Password. Would be a useful feature.
0
