1Password on Mastodon

Accounts where TOTP code should be appended (or prepended) to the password

Community Member

This may be a bit of a corner case request, but here goes...

There are some websites (looking at Etrade.com!) where the 2FA TOTP code needs to be silently appended to the password in the same field. There is no visual indication to remind you that a 2FA code is required, and if you forget it just tells you you entered the password wrong[1].

Another example is the login page to opnsense (and maybe pfsense?) router/firewall software. You can enable 2FA on your router, but then have to remember to concatenate the TOTP code just like on etrade.

It would be nice if I could edit or otherwise flag that login item so 1Password knows to automatically concatenate the password and the 2FA code for me so I don't forget.

[1] Admittedly, there's a "use security code" checkbox that reveals a 2FA field, but if you've remembered to check that box, you've remembered you need a 2FA code, so that's not really the issue

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided


  • Jack.P_1PJack.P_1P

    Team Member

    Hey @zcutlip:

    While it isn't currently possible for 1Password to do this automatically in a single fill, it's definitely something we've heard feedback about before. We have an internal issue tracking this request, and while I can't promise anything specifically, I'll add your voice internally!


    ref: IDEA-I-702

  • DenalBDenalB
    Community Member

    I also created such a request in December 2021:

    And there was another request in August 2019:

    Yes, this is a special case, but it would be great if 1Password could add such a feature. 😎

  • ag_mike_dag_mike_d

    Team Member

    Hi @DenalB! Thanks as always for your comment and this follow-up including those previous requests. I'll be sure to include those details along with the internal issue we're tracking. Have a great day!

  • zcutlipzcutlip
    Community Member

    Yep, an edge case for sure, but glad I'm not alone. Thanks for considering!

  • ag_tommyag_tommy

    Team Member

    No trouble, we're happy to help.

  • meloramamelorama
    Community Member
    edited November 2022

    Adding my support to this as well. I dont think this is a "special case" feature at all. I have several sites that I use daily where I find the lack of 1Password field concatenation really annoying (USAA and my OPNsense router admin page are two that immediately come to mind). Its not 1PW's fault of course, as this is a really silly hack method to not have the OTP code as a secondary input field on these login pages, but the reality is, there are sites that insist on doing it this way, and it's a real pain to not be able to auto-fill credentials this way via 1PW.

    I saw a 1PW team member mention (in one of the numerous previous--and now closed--threads about this feature request) that implementing this feature poses a UX challenge, which I can understand. But it seems to me that it doesnt have to be any more complicated than having a special "dynamic password" (or something better named than that!) field type where you can construct fill-in data based on existing fields in the same vault item, using a "tag" based UI.

    For example, here's how a theoretical "dynamic password" field could work, where I can build a single "dynamic" fill-in field by using concatenated "tags" that represent the names of existing fields in the vault item. This way, you could (at best) map the "password" form field entry to the "dynamic password" field for seamless auto-fills, or (at worst) manually copy and paste the contents of dynamic password field into the form. This way at the very least, you wouldnt have to manually copy and paste data from multiple fields every single time you want to login. You'd just have to copy a single field!

  • alwzbkrakenalwzbkraken
    Community Member

    The sketch by @melorama above looks very usable to me... nice job. As a 1password gui user, I would have no problem with that if the need arose. I wish it was in the app :)

    I'm not so sure this is a corner case. For example, to enable TOTP on some of the most commonly used firewall web GUIs (eg: OPNSense), you concatenate the TOTP and the password for any authentication attempt. If I want to authenticate with the OpenVPN VPN on one of our firewalls, it also takes this structure. Identity platforms like FreeIPA do the same thing. I think you see it even more as an admin user, though some consumer / regular-human sites are doing it too.

    I basically evangelize 1password, btw. Getting people to adopt good security hygiene is really really hard if they don't have a way to manage longer, more complex authentication processes. I'm probably preaching to the choir here :) Anyway, I can tell you that the two companies in our corporate group are using concatenated [TOTP][Password] to authenticate on the firewall gui and VPN at least. An MSP we work with has the same setup internally because we set it up for them. Some of their client sites either have or will-have the same. And a corporate client of ours with ~5,000 employees may have the same thing for some users (admins and managers mostly) in the future.

    So... I also think this would be a good feature. It's not impossible to log into the concatenated-password things without it (especially if you're technical enough to script something yourself), but it would be convenient if there was a way to handle it. Hope you all will consider it, and thanks for making a great product. :)

  • viswizviswiz
    Community Member

    All three corporate firewall clients I've used/still use require a PIN code followed by an OTP. Please add support for this use case, The UI mockup of @melorama seems to be a good way to implement such feature.

  • nufstynufsty
    Community Member

    Adding my vote for this feature. I have the exact same problem with USAA.

  • Joy_1PJoy_1P

    Team Member

    Hi @alwzbkraken @viswiz @nufsty! I can definitely understand why this feature would be great to have. I've passed along all your feedback to our developers. Hopefully this will be considered in a future release.

    PB: 31413791

  • neilwalshneilwalsh
    Community Member

    Adding my voice to this. I need to switch between multiple VPNs (OpenVPN) throughout the day and each time requires this password+otp back and forth dance. I've been tracking this issue for a number of years but I must say @melorama mockup above looks like a usable solution and I imagine (as a fellow developer) "fairly" straightforward to build. Obviously this has to be weighed against other priorities but if you're looking for a nice user facing feature that will have a big quality of life improvement for a number of your customers then I'll vote for this!

  • 251empira251empira
    Community Member

    Adding my voice to this. I need to switch between multiple VPNs (OpenVPN) throughout the day and each time requires this password+otp back and forth dance.

    same here i almost tried every vpn listed on nuky but nothing works properly

  • Joy_1PJoy_1P

    Team Member

    @neilwalsh @251empira thanks for the feedback, I've shared your comments here with our developers.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file