The security of storing the 2FA key into 1Password
Hello everyone!
I have one thing which I asked some time ago in this forum. Two-factor authentication is yes a great way to secure your account besides a strong password. 1Password supports since 1Password 5, if I remember correctly the possibility to generate the codes for the two-factor authentication.
Now 1Password 8 is here and offers the great universal autofill. Since last year, I have been using a YubiKey as a second factor and also have the secrets for all accounts stored in YubiKey authenticator.
Now, of course, some of the convenience that could be given by Univesal autofill is lost. Since I have to insert the physical YubiKey every time to log in somewhere. Pretty annoying.
Is saving and generating one-time codes in 1Password really a good idea and does it make sense? Is it secure?
I have secured my 1Password account with the YubiKey since I have it. What are you using your YubiKeys for?
I was thinking of storing all the accounts that have two-factor authentication in 1Password except for accounts that are particularly vulnerable. For example, 1Password. The most vulnerable accounts will then be secured with the YubiKey. Is this a good idea?
Thanks for reading and sorry for my repetition
Mattis
1Password Version: 1Password 8
Extension Version: Not Provided
OS Version: macOS Monterey
Comments
-
Hey @Mattis:
Great question! Our principal security architect, Jeffrey Goldberg, spoke a bit about this here: TOTP for 1Password users
Let me know if that helps, or if you've got any other questions!
Jack
0 -
Hey @Jack.P_1P!
Thank you for your reply. After I read the article you sent above, I made the decision to not let 1Password generate the codes for two-factor-authentifcation :)
0
