Feature request - allow multiple one-time passwords to be displayed in browser
If multiple one-time passwords are defined within a single login profile, allow them to be labelled so that the user can select the correct one in browser.
Default behaviour is to copy onto the clipboard the default one-time password
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Comments
-
Can you help me understand the use case here? Are you saying you have a site that requires two separate TOTPs as part of its login flow? If so, are you able to share what site this is for?
0 -
@ag_chantelle That is correct. This is not a public website. Creating two different profiles generates watchtower warning where passwords are reused across multiple profiles so I added two OTPs within the same account to avoid that. I use a single profile because it looks cleaner, it does not generate watchtower warnings and reuse the same master password. However, depending on the website link I login into (different links) I would like to have the otp that belongs to that website link to be filled in the website ui rather than the one defined in the master panel.
On a slightly different note I usually test MFA implementations in my local development environment. I still use 1Password to set my local passwords but having services that use localhost:3000, localhost3001, localhost:3002 does not help because I usually get a list of all password that have root domain localhost, rather than localhost:portnumber. If this can be enforced somehow in the login profile setting it will make 1password the perfect password management tool for local development as well.
0 -
That last suggestion - to distinguish localhost logins down to the port number is great! I have the same problem with lots of different logins on localhost
0 -
Any update or comment on this feature?
0 -
Hi @tanioartino:
Generally speaking we keep things pretty close to the chest, so we don't have anything to share just yet. Just to confirm, this is a situation where it's something like
admin.example.comandexample.com? They share a password, butadmin.example.comandexample.comuse different one-time passwords? Let me know!Jack
0 -
Hi @Jack.P_1P
Thanks for looking into this. Usually I see these type of issues when organisations integrate their ldap server with external access management provider like okta and they have an internal authentication server and an external one with different radius servers.
This ends up having to use two completely different websites:
login.example.com
example.okta.comSame username and password but different MFA. Ideally it would be amazing if the One-Time password could have a website attached to it so that only the correct one is automatically filled in or proposed in the browser password field.
0 -
This use case arises for me because I work for a consultancy company who provides services for several clients. I have an account in my employer's Microsoft Azure Active Directory domain, and that account is also a guest in several of our clients' Azure Active Directory domains. My employer's domain has an OTP, which is the primary OTP, and each of the domains in which I am a guest has its own OTP. I have those extra OTPs stored under the one login in 1Password because they all belong to the same username and password. However, this means I have to open the 1Password app and copy/paste the right OTP depending on which client's resources I am trying to access.
0
